[tor-talk] Filezilla Through Tor Connectivity

Moritz Klammler moritz at klammler.eu
Thu Jan 16 21:44:30 UTC 2014 

Tim Chorney <libertyinperil at inbox.com> writes:

> When asked how to run Filezilla through Tor to protect website
> passwords, Tim Kosse of Filezilla advised I should “use FTP over TLS
> (FTPS) or SSH File Transfer Protocol (SFTP) to connect to your server”
> since “If you're using plain FTP together with Tor, then the password
> is still being transmitted unencrypted over the internet to the
> server.” How, precisely, do I do this? … I don't have Mr. Kosse's
> expertise. Can you help?  Thanks

Is your problem (i) how to tunnel the FTP stream through Tor or (ii) how
to use TLS / SSL with FTP?

(i) In FileZilla, select "Edit" -> "Settings" and then under
    "Connection" -> "Generic Proxy".  There, select "SOCKS 5" and -- if
    you have the default settings for Tor -- enter "localhost" for the
    proxy host and 9050 for the proxy port.

    Alternatively, you could try to start FileZilla from the command
    line via torsocks if you want a one-time thing:

        $ torsocks filezilla

(ii) There are two types of FTP+TLS: implicit and explicit mode.  The
     latter is more common today.  You'll have to find out what your FTP
     server offers.  If you are unlucky, it offers neither of them and
     you cannot use TLS unless you convince the admin to add support for
     it.  To open an FTP connection with explicit TLS encryption from
     FileZilla, simply prefix the host name with the string 'ftpes://'.
     So, to connect to the server at 'ftp.example.com', you'd type
     'ftpes://ftp.example.com' into the "Host" field of FileZilla.
     That's it.

Using Tor and end-to-end encryption via TLS are two orthogonal security
measures and you can combine them in any of the four possible ways that
makes most sense for you.

Unfortunately, it seems that some FTP servers are blocking IPs that
appear bogous to them, which traffic originating from Tor might do.
vsftpd seems to do that so, sadely, I could not even connect to my own
server when I tried the above instructions a minute ago.  I will look
into changing this in the vsftpd config when I have time for it.


Happy Hacking

Moritz
-- 
OpenPGP:

Public Key:   http://openpgp.klammler.eu
Fingerprint:  80C1 EC79 B554 3D84 0A35 A728 7057 B288 CE61 2235
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: not available
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20140116/6fd91027/attachment.sig>

More information about the tor-talk mailing list