TOC(noheading, depth=4)Written: 2018-06-12 (Jaruga)
File Transfer Protocol (FTP)
FTP is used for the transfer of computer files between a client and server over a network. Users typically authenticate with a username and password, but can connect anonymously if the server is configured to allow it. For secure transmission that protects the username and password, and encrypts the content, FTP is often secured with SSL/TLS (FTPS) or replaced with SSH File Transfer Protocol (SFTP).
FTP requires two different connections: one for commands and one for data. A data connection is created every time a directory listing is created / browsed or file is transmitted. Almost every modern FTP server checks if both the control connection and data connection come from the same IP address. Tor changes circuits for new TCP connections every 10 minutes - this means, if you download several files from the same FTP server (or browse content of FTP server), your connection will fail in approximately 10 minute intervals, and you will need to re-connect. Please note this only affects newly created connections, and does not interrupt current file downloads.
As SFTP is facilitated by SSH, configuring SSH to connect via Tor will allow you to use SFTP as well. If you have sufficient permissions on your local system and network, this is the recommended option for torifying your FTP traffic. For instructions and further information, see the torifying SSH documentation.
Torifying FTP / FTPS
There are a couple options for torifying regular FTP, depending on your preferences. Below we will cover the command line method for *NIX-based operating systems - if you are using Windows, it is reccomended to follow the Torifying Filezilla guide.
The easiest way to use FTP from the command line is with
wget, as it is available (and often preinstalled) on virtually every *NIX operating system.
- First and foremost, install
- Fetch a file by issuing the command:
torsocks wget [link to file] --passive-ftp
Note: FTP must be run in 'passive' mode; torsocks often forces this, however the
--passive-ftp flag may be required in some cases.