How to use SSH to encrypt FTP control channel?

I've read some documents about using SSH port forwarding to allow encryption of the FTP control channel in order to protect the username and password.

I can't figure out how to make it work, though. I followed the instructions, but I can never establish a data channel even in PASV mode. This is what I'm doing:

(1) Establish the SSH tunnel:

[pmak@lina pmak]$ ssh -L2021:localhost:21 aaanime.net
Authentication successful.
Last login: Wed Dec 31 1969 19:00:00 -0500 from
You have mail.

(2) Connect to the tunneled port:

[pmak@lina pmak]$ ftp localhost 2021
Connected to localhost.localdomain.
220 sg1 FTP server (Version wu-2.6.0(1) Fri Jun 23 09:17:44 EDT 2000) ready.
Name (localhost:pmak): pmak
331 Password required for pmak.
Password:
230 User pmak logged in.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> quote pasv
227 Entering Passive Mode (127,0,0,1,19,216)
ftp> ls
227 Entering Passive Mode (127,0,0,1,74,90)
ftp: connect: Connection refused

Attempts to do it using GUI FTP clients and checking the "Use PASV mode" box doesn't work either. Does anyone know what I did wrong?

 

 

 

 

Top