Andrew said:
Hi,
If I want to setup SFTP (Secure FTP), besides enabling Port 22, is there
anything I need to enable?
Both SFTP server and SFTP client have been tested internally without
firewall.
If you've done that, then just review the firewall logs, or run a sniffer
such as
www.ethereal.com, to see what ports are used. That's my
recommendation. Try a couple of different tests, not just one, as the port
numbers may change.
From googling, it appears that different SFTP implementations use different
ports depending on how they work [SSL, SSH like yours appears to be, etc].
Also, not sure how your SFTP works, but I believe at least some if not all
SFTP solutions still use two different sessions with two different ports,
one for control [commands] and one for data [up/downloads]. With regular
unencrypted FTP, you've got Active and Passive FTP modes, and the ports are
different depending on which one the clients and servers are configured to
use. Passive is probably recommended for going through firewalls. With
regular FTP, a random port is chosen for the data channel, but it is
outbound from the client.
If your firewall is permissively configured to let everything outbound [not
that I'm necessarily recommending that], and your clients and servers are
configured to use Passive FTP, then possibly none of this will present a
problem for you. But it's good to know anyways.
