0

First, a bit of background:

I've set up an OpenSSH server on my local media center (htpc, running Ubuntu 16.04 LTS) and I then connect to that externally, via SSH, by using the VX Connectbot app on my Android device - using this guide: https://thepcspy.com/read/remote-str...ess-xbmc-kodi/

In VX Connectbot I've also configured local port forwards for the "htpc" ssh connection, enabling me to reach a kodi instance and a transmission daemon, through the ssh tunnel. This is working quite well, and therefore I expected to be able to use the same technique for reaching the vsftpd server on the very same machine.

That, however, hasn't been the case, as I've been unable to connect the ftp server, in spite of having configured a local port forward for this exact purpose.

These are the port forwards currently configured for the htpc ssh connection in VX Connectbot:

Name: transmission http
Type: local
Source port: 9091
Destination: localhost:80

Name: kodi http
Type: local
Source port: 8080
Destination: localhost:8080

Name: ftp
Type: local
Source port: 21212
Destination: localhost:21

As already mentioned, the first two port forwards above work as expected, but the third one, for ftp, does not.

In the ftp client app (currently using Solid explorer, but have tried a few others), I have created a ftp connection with the following settings:

Name: htpc (remote)
Remote host name: localhost
Port number: 21212

(Path and username/password left out).

Just to be clear, I do have another ftp connection configured in the same app for connecting to the ftp server while on the home network, and this works without issues.

When I try to connect to the ftp server externally, I get the error: Connection refused.

It would be tempting to think that I'm simply dealing with a firewall issue here, but I don't believe that to be the case, as I get these lines in /var/log/vsftpd.log, when attempting an FTP connection from my Android device, which tells me that the ftp client actually does reach the ftp server, while still being unable to actually establish a connection:

Sun Jun 30 00:23:41 2019 [pid 31298] CONNECT: Client "::ffff:127.0.0.1"
Sun Jun 30 00:23:41 2019 [pid 31297] [soren] OK LOGIN: Client "::ffff:127.0.0.1"
Sun Jun 30 00:23:42 2019 [pid 31306] CONNECT: Client "::ffff:127.0.0.1"
Sun Jun 30 00:23:42 2019 [pid 31304] [soren] OK LOGIN: Client "::ffff:127.0.0.1"

I did try to allow all traffic on the iptables INPUT chain, effectively disabling packet filtering for incoming network traffic on the ftp server host, but this made no visible difference in that I still got "connection refused" error when trying to connect in Solid Explorer ftp client on my Android device.

So.. I'm at a bit of a loss with this issue and really hope someone is able to help me get this thing working.

Improve this question
7
  • 2
    Because FTP doesn't use one port. It uses multiple ports; one for the control channel, and one for the data channel. Don't use FTP. It's ancient and stupid protocol. Use something more modern, such as WebDAV, SFTP/SSH or CIFS.
    – vidarlo
    Commented Jun 30, 2019 at 13:49
  • Yeah, it uses port 20 as well, I know, but I would need to change that to a custom port in the ftp client app, for it to be correctly forwarded through the ssh tunnel, to port 20 on my local ftp server. With regards to using something more modern, I did first set up NFS shares on my media server, but later came to realise that there's no way to access (and download files) from an NFS share, to an Android device (short of rooting and manually mounting the shares, using BusyBox - which is not an option.
    – scporse
    Commented Jun 30, 2019 at 14:02
  • No matter the technology, transfer speed is of paramount importance to me. The thing is, I will be looking to download some rather large files (several GB in size) from my media server, so if WebDAV can compete with FTP in that aspect, I would be open to trying that instead. Do you have any recommendations for which server application to use? And what about a client app for Android?
    – scporse
    Commented Jun 30, 2019 at 14:14
  • It will not help to forward port 20 too. This port is used as the source port by the server in FTP active mode but port forwarding only cares about destination port of the server Also port forwarding does not support connections from the server as is the case in active mode but only connection to the server. If you would try passive mode instead you would need some helper to deal with the dynamic destination ports - which SSH does not provide. You might try the SOCKS mode of SSH if your FTP client supports SOCKS. In short: FTP is ugly.
    – Steffen Ullrich
    Commented Jun 30, 2019 at 14:35
  • Any protocol can. Including https and ssh. Modern protocols also support encryption. I regularly transfer several hundred gigabytes via either of them.
    – vidarlo
    Commented Jun 30, 2019 at 14:35

1 Answer 1

Reset to default
0

I ended up using SFTP in CX File Explorer instead... It's a bit slow, but this is not a problem since I'm doing most downloading when on the local network (via normal FTP connection).

Improve this answer

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .