I am trying to set a custom port number for the FTP service on my Mac Mini.
I do understand the security risks of using ftp.
I am NOT running OS X Server.
I am running OS X 10.9.5.
Ideally, I am trying to change the default ftp Port to 2120.
Not sure if I need to edit the ftp.plist or /etc/services file........
I would be extremely grateful if someone could walk me through this.
Most routers will allow you to specify a different Internet side port from the home LAN side port.
For example I have a high numbers port open on the internet (eg 23456) which the router maps to port 22 on my Mac. I can make ssh connections to my Mac from the internet by just using
ssh -p 23456 <routers.IP.Address>
sftp -P 23456 <routers.IP.Address>
scp -P 23456 <routers.IP.Address>
The internet side NEVER seens port 22 being open. It is some very high number that is not in common use, and I'm the one that knows about it. NOTE: 23456 is not the real port number 🙂 )
PortForward.com has documents providing step-by-step guides on how to setup port forwarding for a huge list of routers
Is this just for A) home home LAN? Or B) for a home Mac with port 2120 port forwarded through your router? Or C) for a corporate network?
If "B", then you should be able to tell your home router to port forward between the Mac's default FTP port number and whatever port number you want visible on the Internet.
If "A" or "C", then maybe you can use "man pfctl" and "man pf.conf" to translate one port to another. Google searching for examples might help: "pf.conf port forwarding example"
pf.conf changes are just speculation on my part, so your mileage may vary.
Hi Bob
Thank you for your reply.
Currently I am unsure what the default ftp port is on the MacMini - I believe it is 21.
I want to configure this ftp port to 2120 and open that port up on my router [Option B].
Currently I have already opened up port 21 on my router which is pointing at my WDCloud Unit on my network.
Therefore, once I know which file[s] to edit, which I expect will should show the current ftp port, I can make the changes.
Any further help or ideas will be very much appreciated. Thank You.
Hi Bob
Thank you again.
This has proved to be useful information, which has worked!
Still having trouble with one of the MacMini's, I think it is simply a 'Rights' issue, rather than a Port Forwarding/Port Remapping issue.
Thank you again
Michael
If you are port mapping for multiple home systems, then you need to give each Mac its own unique Internet visible port.
For example one gets 2120, and one gets 2121, and another gets 2122, etc...
In my ssh example above, 23456 goes to one Mac's ssh port 22, and 34567 goes to another Mac's ssh port 22, and 45678 goes to yet another Mac's ssh port 22, etc...
PS. I actually ONLY port forward the ssh port (again high number on the Internet side going to port 22 on the Mac).
If I want to allow other protocols, such as AFP, or VNC/Screen Sharing I setup an ssh tunnel. From the remote Mac, I issue:
ssh -p 23456 -L 22548:localhost:548 -L 22590:localhost:5900 <My.Routers.IP.Addr>
This will establish an ssh connection using the 23456 port forwarded port into my Mac at home.
the -L setups an ssh tunnel.
22548:localhost:548 establishes an AFP (Apple FileSharing Protocol) local port 22548 through an ssh tunnel to the Mac in my home and directs the other side of the tunnel into the standard AFP port 548.
To use this tunnel, on the Mac I'm sitting in front of, I just use a Terminal session command:
open afp://localhost:22548
and this will allow me to mount a volume from the Mac in my home onto the Mac I'm sitting in front of.
=L 22590:localhost:5900 creates an ssh tunnel for VNC/Screen Sharing (5900 is the VNC/Screen Sharing port). To use this tunnel, I use the a Terminal session command:
open vnc://localhost:22590
I can create an ssh tunnel for any TCP based protocol as long as I know the port numbers I need to connect with _AND_ if I can tell the service to use my funky localhost:nnnnn connection address, where nnnnn is the port number I'm using on the local system as the entry to the tunnel.
Changing Default ftp Port
