mount sftp through blocked port using proxy

-1

I'll apologise in advance, because I'm 90% sure this question has been asked somewhere before, but I can't figure this out, decide what's better and I'm completely unfamiliar with all of this.

My problem: On my school's network they blocked pretty much every port except for 21, 22 and 443, but I want to access my website's FTP server connection (hosted by some company) on port 7685 (which I can't change) to my local machine (a Mac). Preferably using SFTP of course.

Now my question is: what would be the most secure and fast method to be able to mount the sftp to my local machine on the school's network?

At home I can set up my Raspberry Pi to use as a middleman and direct all traffic from any port, so my idea was to use that as a proxy between my school's network. So I'll set it up to receive traffic from my local machine/school network on port 443 and direct it to the FTP server at port 7685.

I can imagine two possibilities: 1) mounting the FTP to my RPi over port 7685 and then mounting my RPi to my machine on the school network using port 443, but I fear this would slow down the connection (because of the extra hop). Or 2) using my RPi as a proxy (with something called SOCKS?) to mount my sftp directly to my machine on the school network, but I can't figure out how this works.

Or is there another way that I'm not seeing?

Things I can change: I can do everything with my RPi at home and all network preferences/firewall settings. My local computer's settings.

Things I can't change: The FTP server port/settings and my school's network preferences. (duh)

Many thanks in advance! (if there already is an answer somewhere, please send it to me, then I'll delete this post)

Jip G

Posted 2018-10-11T17:51:51.540

Reputation: 1

I have found these two links that seem to do what I described above. I'll try them out and post the results. Ilya Prokin's Blog The Lone Coder

– Jip G – 2018-10-11T20:00:59.617

Answers

0

The solution described here worked.

To set up the proxy use

ssh -L LOCAL_PORT:TARGET_HOST:TARGET_PORT INTERMEDIATE_USERNAME@INTERMEDIATE_HOST -p INTERMEDIATE_PORT -N

With:
LOCAL_PORT being the port to forward to from local machine
TARGET_HOST the host you want to access (in my case my website FTP service)
TARGET_PORT the port of the host you want to access (in my case 7685)
INTERMEDIATE_USERNAME the username I use to log into my RPi/middleman
INTERMEDIATE_HOST the adres of my RPi at home (or whatever you use as middleman)
INTERMEDIATE_PORT the port I use to access my RPi/middleman (in my case 443)
-L to indicate we're forwarding a port from local
-N to prevent opening a shell login at INTERMEDIATE_HOST

Example:

ssh -L 8080:ftp.host.com:7685 pi@home.com -p 443 -N

This will have to stay running, so the following you need to do in a different window (or you can use -f, but you'll have to manually use kill to stop the proxy, see this question)

Then to connect SSH to REMOTE_HOST use

ssh -p LOCAL_PORT TARGET_USERNAME@localhost

Or, in my case, to mount SFTP use SSHFS

sshfs -p LOCAL_HOST TARGET_USERNAME@localhost:/TARGET_PATH LOCAL_PATH

With:
TARGET_USERNAME being the username of my host
TARGET_PATH the path I need to use for my FTP service
LOCAL_PATH the path to mount the FTP to on local machine

Any feedback is greatly appreciated!

Jip G

Posted 2018-10-11T17:51:51.540

Reputation: 1

Asked: 2018-10-11T17:51:51.540

Viewed: 168 times

Active: 2018-10-12T10:38:21.587