
Re: passive/active ftp



  ftpd: [ ] can't build data directory: no such file or directory.

Assuming you got past the ssh ident string problem you were having before, I
think your problem is in ftpd dataconn():

	if (memcmp(fa, ha, alen) != 0) {
		perror_reply(435, "Can't build data connection");

What I think this does is to reject data connections when the control
channel source address is different from the data channel destination
address.  Since you are tunneling the control connection, its source address
will be localhost.  But you are not tunneling the data connection so its
address is the real client address.

I assume this is some kind of security measure.  As I told you before, FTP
is obsolete technology, and if you really want to transfer data in a secure
way you should be using something like AFS or even scp.

For a quick fix, you could take out the check and rebuild ftpd.  I would not
want to comment on the security implications.  A better fix might be to
allow the connection to proceed if the control channel is coming from
localhost.
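
The address check and the loopback exception discussed in the message above, written out as an added example; it is not part of the original message and is not ftpd's own code. The function names and the `trust_loopback_ctrl` switch are hypothetical, and the sample addresses used with it are constructed.

```c
#include <string.h>
#include <arpa/inet.h>
#include <netinet/in.h>
#include <sys/socket.h>

/* Raw address bytes and their length for an AF_INET/AF_INET6 sockaddr. */
static const void *addr_bytes(const struct sockaddr *sa, size_t *len)
{
    if (sa->sa_family == AF_INET) {
        *len = sizeof(struct in_addr);
        return &((const struct sockaddr_in *)sa)->sin_addr;
    }
    if (sa->sa_family == AF_INET6) {
        *len = sizeof(struct in6_addr);
        return &((const struct sockaddr_in6 *)sa)->sin6_addr;
    }
    return NULL;
}

static int is_loopback(const struct sockaddr *sa)
{
    if (sa->sa_family == AF_INET)   /* all of 127.0.0.0/8 */
        return (ntohl(((const struct sockaddr_in *)sa)->sin_addr.s_addr) >> 24) == 127;
    if (sa->sa_family == AF_INET6)
        return IN6_IS_ADDR_LOOPBACK(&((const struct sockaddr_in6 *)sa)->sin6_addr);
    return 0;
}

/* 1 = open the data connection, 0 = refuse it (the 435 reply in the message). */
int data_conn_allowed(const struct sockaddr *ctrl, const struct sockaddr *data,
                      int trust_loopback_ctrl)
{
    size_t clen = 0, dlen = 0;
    const void *c = addr_bytes(ctrl, &clen), *d = addr_bytes(data, &dlen);
    if (c == NULL || d == NULL)
        return 0;                       /* unknown family: fail closed */
    if (ctrl->sa_family == data->sa_family && memcmp(c, d, clen) == 0)
        return 1;                       /* strict rule: same host on both channels */
    return trust_loopback_ctrl && is_loopback(ctrl);  /* relaxed rule for tunnels */
}

/* Wrapper for IPv4 text addresses so the rule can be tried on sample input. */
int check4(const char *ctrl_ip, const char *data_ip, int trust_loopback_ctrl)
{
    struct sockaddr_in c = { .sin_family = AF_INET }, d = { .sin_family = AF_INET };
    if (inet_pton(AF_INET, ctrl_ip, &c.sin_addr) != 1 || inet_pton(AF_INET, data_ip, &d.sin_addr) != 1)
        return 0;
    return data_conn_allowed((struct sockaddr *)&c, (struct sockaddr *)&d, trust_loopback_ctrl);
}
```

With `trust_loopback_ctrl` set, any session whose control connection arrives from loopback can name an arbitrary data address, so the exception only makes sense when the loopback listener is reachable solely through the authenticated tunnel.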