Specifies
the name of the host where the SSH support software runs, and to which the
host listens. This parameter is required when and only when SSH Channel Established
is set to Yes. The reason for this is, if you choose No this Listen Host will
always be localhost because the SSH client will always be started from localhost.
For optimum security, it is recommended that you use localhost as your choice.
The connection to the corresponding port number on this host is forwarded
to the FTP server through an SSH-secure channel.
On the listen host, the SSH support software must be configured and
started with the Port-Forwarding option.
The FTP command connection is forwarded through the secure tunnel. The
corresponding SSH command uses the following model:
ssh -L ListenPort:FtpServerHost:FtpServerPort -o
BatchMode=yes SSHServer
If this host name is not localhost, the data transport between the local
host and the SSH listen host is not secure. Also, your SSH support software
should be configured to allow connections to other hosts (for some SSH clients,
it is an option -g).
For example, on an SSH listen host, you could issue a command, such
as:
ssh -L 4567:apple:21 -o BatchMode=yes apple
or
ssh -L 5678:orange: 21 -o BatchMode=yes apple
Regardless, the transport between the SSH listen host and the FTP server
is still secure.
|