Sample code for 30+ languages & platforms
Tcl

FTP through SSH Tunnel with Dynamic Port Forwarding

See more FTP Examples

Demonstrates how to start a background thread that runs a portable SSH tunnel w/ dynamic port forwarding that the foreground thread can be used for establishing FTP sessions through an SSH tunnel.

Note: Some developers may be accustomed to starting an stunnel.exe proxy from https://www.stunnel.org. The stunnel.exe is not necessary here. Chilkat's background thread fulfills the task of what the external stunnel.exe does. Therefore, your application is self-contained, meaning that it can run anywhere because the SSH tunnel proxy is built-in.

Chilkat Tcl Downloads

Tcl

load ./chilkat.dll

set success 0

# This example assumes the Chilkat API to have been previously unlocked.
# See Global Unlock Sample for sample code.

set success 0

set tunnel [new_CkSshTunnel]

set sshHostname "sftp.example.com"
set sshPort 22

# Connect to an SSH server and establish the SSH tunnel:
set success [CkSshTunnel_Connect $tunnel $sshHostname $sshPort]
if {$success != 1} then {
    puts [CkSshTunnel_lastErrorText $tunnel]
    delete_CkSshTunnel $tunnel
    exit
}

# Authenticate with the SSH server via a login/password
# or with a public key.  
# This example demonstrates SSH password authentication.
set success [CkSshTunnel_AuthenticatePw $tunnel "mySshLogin" "mySshPassword"]
if {$success != 1} then {
    puts [CkSshTunnel_lastErrorText $tunnel]
    delete_CkSshTunnel $tunnel
    exit
}

# Indicate that the background SSH tunnel thread will behave as a SOCKS proxy server
# with dynamic port forwarding:
CkSshTunnel_put_DynamicPortForwarding $tunnel 1

# We may optionally require that connecting clients authenticate with our SOCKS proxy server.
# To do this, set an inbound username/password.  Any connecting clients would be required to 
# use SOCKS5 with the correct username/password.
# If no inbound username/password is set, then our SOCKS proxy server will accept both
# SOCKS4 and SOCKS5 unauthenticated connections.

CkSshTunnel_put_InboundSocksUsername $tunnel "chilkat123"
CkSshTunnel_put_InboundSocksPassword $tunnel "password123"

# Start the listen/accept thread to begin accepting SOCKS proxy client connections.
# Listen on port 1080.
set success [CkSshTunnel_BeginAccepting $tunnel 1080]
if {$success != 1} then {
    puts [CkSshTunnel_lastErrorText $tunnel]
    delete_CkSshTunnel $tunnel
    exit
}

# Now that a background thread is running a SOCKS proxy server that forwards connections
# through an SSH tunnel, it is possible to use any Chilkat implemented protocol that is SOCKS capable,
# such as HTTP, POP3, SMTP, IMAP, FTP, etc.  The protocol may use SSL/TLS because the SSL/TLS
# will be passed through the SSH tunnel to the end-destination.  Also, any number of simultaneous
# connections may be routed through the SSH tunnel.

set ftp [new_CkFtp2]

# Indicate that the HTTP object is to use our portable SOCKS proxy/SSH tunnel running in our background thread.
CkFtp2_put_SocksHostname $ftp "localhost"
# The SocksPort must equal the port passed to BeginAccepting above.
CkFtp2_put_SocksPort $ftp 1080
CkFtp2_put_SocksVersion $ftp 5
# The SOCKS5 login/password set here must equal the InboundSocksUsername/Password set above.
CkFtp2_put_SocksUsername $ftp "chilkat123"
CkFtp2_put_SocksPassword $ftp "password123"

# This is the actual FTP server domain or IP address, and the login/password for the user account on the destination FTP server.
CkFtp2_put_Hostname $ftp "ftp.someFtpServer.com"
CkFtp2_put_Username $ftp "myLogin"
CkFtp2_put_Password $ftp "myPassword"
CkFtp2_put_AuthTls $ftp 1

# Connect and login (via the SSH tunnel) to the FTP server.
set success [CkFtp2_Connect $ftp]
if {$success != 1} then {
    puts [CkFtp2_lastErrorText $ftp]
    delete_CkSshTunnel $tunnel
    delete_CkFtp2 $ftp
    exit
}

# Change to the remote directory where the file is located.
# This step is only necessary if the file is not in the root directory
# for the FTP account.
set success [CkFtp2_ChangeRemoteDir $ftp "junk"]
if {$success != 1} then {
    puts [CkFtp2_lastErrorText $ftp]
    delete_CkSshTunnel $tunnel
    delete_CkFtp2 $ftp
    exit
}

set localFilename "c:/temp/hamlet.xml"
set remoteFilename "hamlet.xml"

# Download a file.  (the data connection is also automatically established through the 
# SSH tunnel using dynamic port forwarding..)
set success [CkFtp2_GetFile $ftp $remoteFilename $localFilename]
if {$success != 1} then {
    puts [CkFtp2_lastErrorText $ftp]
    delete_CkSshTunnel $tunnel
    delete_CkFtp2 $ftp
    exit
}

# The disconnect is disconnecting with the FTP server and closes the SSH tunnel.
# The background tunnel thread is still running, and may be used for subsequent FTP connections,
# or even connections for any other purpose, such as HTTP, IMAP, SMTP, POP3, etc.
set success [CkFtp2_Disconnect $ftp]

# When the app is finished with the tunnel, it can cleanup..

# Stop the background listen/accept thread:
set waitForThreadExit 1
set success [CkSshTunnel_StopAccepting $tunnel $waitForThreadExit]
if {$success != 1} then {
    puts [CkSshTunnel_lastErrorText $tunnel]
    delete_CkSshTunnel $tunnel
    delete_CkFtp2 $ftp
    exit
}

# Close the SSH tunnel (would also kick any remaining connected clients).
set success [CkSshTunnel_CloseTunnel $tunnel $waitForThreadExit]
if {$success != 1} then {
    puts [CkSshTunnel_lastErrorText $tunnel]
    delete_CkSshTunnel $tunnel
    delete_CkFtp2 $ftp
    exit
}


delete_CkSshTunnel $tunnel
delete_CkFtp2 $ftp