26

When using the ssh or ftp commands from the Bash shell, does the server that I am connecting to learn of the domain name used? I understand that the domain name is locally translated into an IP address via DNS. In HTTP, after that happens, the server is told the original domain name as well in order to serve the correct page, or to present the correct TLS cert (SNI).

host serverfault.com
GET /

Does a similar phenomenon happen when connecting to ssh or ftp?

I ask because I am trying to ssh into a server (GoDaddy webhosting) which expects a domain name, but is not letting me in when I try to connect via user@IPaddress as the DNS is not yet moved to the GoDaddy IP address.

dotancohen
  • Do you have `.ssh/config` specific to the host name (or the IP address)? What error do you get? (Hmm, this is support, but not to the goal of answering the question...) – Andreas Krey Mar 02 '15 at 07:18
  • Just the generic `Login authentication failed` for FTP and `Permission denied` for SSH. The actual connection is fine, and I've quadruple-checked the login credentials. – dotancohen Mar 02 '15 at 07:22

2 Answers

34

The SSH/SFTP protocol does not have any mechanism to provide the host to the server.

There was a discussion about adding this functionality to OpenSSH, see "Virtual hosts" for ssh.


The FTP protocol does have a HOST command, which is equivalent to the HTTP Host header. It is specified by the relatively new RFC 7151. The RFC was published in March 2014 (though the first draft is from 2007). As such, it is not universally supported yet.

On the server side, it's supported by IIS (the RFC is sponsored by Microsoft) and ProFTPD (since 1.3.6rc1). It's not supported by other common Unix FTP servers like Pure-FTPd or vsftpd.

On the client side, it is supported by (my) WinSCP. It's not supported by FileZilla, as its author opposes the idea, nor by CyberDuck. I do not know about others.

Martin Prikryl
  • Thank you, this will be an important consideration in the next few years when people come across this issue and google this question. – dotancohen Mar 02 '15 at 09:22
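An added example, not part of either answer or of any server or client named above: a toy FTP control channel and an `ftplib` client showing how HOST (sent before USER, as RFC 7151 requires) decides which virtual host's accounts a login is checked against. The host names, accounts, reply texts and the helpers `start_server` and `try_login` are constructed for illustration.

```python
import ftplib, socketserver, threading

# Constructed data: two virtual hosts behind one IP address, each with its own accounts.
VHOSTS = {"default.example": {"admin": "pw-a"}, "shop.example": {"dotan": "pw-b"}}

class Handler(socketserver.StreamRequestHandler):   # toy server; verbs are case-sensitive
    def handle(self):
        host, user = "default.example", None        # used when the client sends no HOST
        self.reply("220 ready")
        for raw in self.rfile:
            cmd, _, arg = raw.decode().strip().partition(" ")
            if cmd == "FEAT" and self.server.host_support:
                self.reply("211-Features:\r\n HOST\r\n211 End")
            elif cmd == "HOST" and self.server.host_support:
                host = arg if arg in VHOSTS else host
                self.reply("220 host accepted" if arg in VHOSTS else "504 unknown host")
            elif cmd == "USER":
                user = arg
                self.reply("331 password required")
            elif cmd == "PASS":
                self.reply("230 logged in" if VHOSTS[host].get(user) == arg else "530 login failed")
            else:
                self.reply("502 not implemented")

    def reply(self, text):
        self.wfile.write((text + "\r\n").encode())

def start_server(host_support=True):
    srv = socketserver.ThreadingTCPServer(("127.0.0.1", 0), Handler)
    srv.host_support, srv.daemon_threads = host_support, True
    threading.Thread(target=srv.serve_forever, daemon=True).start()
    return srv.server_address[1]                    # ephemeral port chosen by the OS

def try_login(port, vhost, user, password):
    """Connect by IP; name the virtual host with HOST only if FEAT advertises it."""
    ftp = ftplib.FTP()
    ftp.connect("127.0.0.1", port, timeout=5)
    try:
        feat = ftp.sendcmd("FEAT")
    except ftplib.error_perm:                       # 5xx: no FEAT, so no HOST either
        feat = ""
    try:
        if vhost and any(l.strip().upper() == "HOST" for l in feat.splitlines()):
            ftp.sendcmd("HOST " + vhost)            # must precede USER
        ftp.login(user, password)
        return True
    except ftplib.error_perm:                       # 504 from HOST or 530 from PASS
        return False
    finally:
        ftp.close()
```

Against this toy server, correct credentials for `shop.example` are rejected when the client connects by IP address without HOST, and also when the server does not implement HOST at all.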
27

No, the SSH clients do not pass the DNS name you connected to on to the server.
As you said correctly, the name is resolved locally to the IP address.

It looks like I was wrong about FTP.
See the other answer for details.

faker