707Digging a tunnel to a remote SFTP Server

The problem seems to be familiar. The host (let's call it target machine) you want to connect to is in a corporate network, you are not able to directly connect to it. However you have SSH access to another computer (the intermediary machine) on the same network, which means your are able to SSH your way into the intermediary machine and from there to the target machine.

So far so good.

Whereas the command line has its merits, for some jobs it's more convenient to use an FTP client (like Cyberduck). Cyberduck does not support SSH tunneling by itself, but there are way to make it work.

First, we will create an SSH tunnel to the intermediary machine and second we will set this tunnel up as a proxy through which Cyberduck will be able to connect to the target machine.

1. The SSH Tunnel

ssh -qTnN -D 4040 -C username@intermediary

Key in the password for your intermediary server, and its connection should be available for your localhost:4040.

2. The SOCKS Proxy

And localhost:4040 is were we are pointing our SOCKS proxy to:

2. Back to Cyberduck

Now, with the tunnel active and the proxy configured, just enter the login credentials of the target machine in your FTP application - and voila - it should work. At least it worked for me.