Sample code for 30+ languages & platforms
Delphi DLL

FTP through SSH Tunnel with Dynamic Port Forwarding

See more FTP Examples

Demonstrates how to start a background thread that runs a portable SSH tunnel w/ dynamic port forwarding that the foreground thread can be used for establishing FTP sessions through an SSH tunnel.

Note: Some developers may be accustomed to starting an stunnel.exe proxy from https://www.stunnel.org. The stunnel.exe is not necessary here. Chilkat's background thread fulfills the task of what the external stunnel.exe does. Therefore, your application is self-contained, meaning that it can run anywhere because the SSH tunnel proxy is built-in.

Chilkat Delphi DLL Downloads

Delphi DLL
uses
    Winapi.Windows, Winapi.Messages, System.SysUtils, System.Variants, System.Classes, Vcl.Graphics,
    Vcl.Controls, Vcl.Forms, Vcl.Dialogs, Vcl.StdCtrls, SshTunnel, Ftp2;

...

procedure TForm1.Button1Click(Sender: TObject);
var
success: Boolean;
tunnel: HCkSshTunnel;
sshHostname: PWideChar;
sshPort: Integer;
ftp: HCkFtp2;
localFilename: PWideChar;
remoteFilename: PWideChar;
waitForThreadExit: Boolean;

begin
success := False;

// This example assumes the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

success := False;

tunnel := CkSshTunnel_Create();

sshHostname := 'sftp.example.com';
sshPort := 22;

// Connect to an SSH server and establish the SSH tunnel:
success := CkSshTunnel_Connect(tunnel,sshHostname,sshPort);
if (success <> True) then
  begin
    Memo1.Lines.Add(CkSshTunnel__lastErrorText(tunnel));
    Exit;
  end;

// Authenticate with the SSH server via a login/password
// or with a public key.  
// This example demonstrates SSH password authentication.
success := CkSshTunnel_AuthenticatePw(tunnel,'mySshLogin','mySshPassword');
if (success <> True) then
  begin
    Memo1.Lines.Add(CkSshTunnel__lastErrorText(tunnel));
    Exit;
  end;

// Indicate that the background SSH tunnel thread will behave as a SOCKS proxy server
// with dynamic port forwarding:
CkSshTunnel_putDynamicPortForwarding(tunnel,True);

// We may optionally require that connecting clients authenticate with our SOCKS proxy server.
// To do this, set an inbound username/password.  Any connecting clients would be required to 
// use SOCKS5 with the correct username/password.
// If no inbound username/password is set, then our SOCKS proxy server will accept both
// SOCKS4 and SOCKS5 unauthenticated connections.

CkSshTunnel_putInboundSocksUsername(tunnel,'chilkat123');
CkSshTunnel_putInboundSocksPassword(tunnel,'password123');

// Start the listen/accept thread to begin accepting SOCKS proxy client connections.
// Listen on port 1080.
success := CkSshTunnel_BeginAccepting(tunnel,1080);
if (success <> True) then
  begin
    Memo1.Lines.Add(CkSshTunnel__lastErrorText(tunnel));
    Exit;
  end;

// Now that a background thread is running a SOCKS proxy server that forwards connections
// through an SSH tunnel, it is possible to use any Chilkat implemented protocol that is SOCKS capable,
// such as HTTP, POP3, SMTP, IMAP, FTP, etc.  The protocol may use SSL/TLS because the SSL/TLS
// will be passed through the SSH tunnel to the end-destination.  Also, any number of simultaneous
// connections may be routed through the SSH tunnel.

ftp := CkFtp2_Create();

// Indicate that the HTTP object is to use our portable SOCKS proxy/SSH tunnel running in our background thread.
CkFtp2_putSocksHostname(ftp,'localhost');
// The SocksPort must equal the port passed to BeginAccepting above.
CkFtp2_putSocksPort(ftp,1080);
CkFtp2_putSocksVersion(ftp,5);
// The SOCKS5 login/password set here must equal the InboundSocksUsername/Password set above.
CkFtp2_putSocksUsername(ftp,'chilkat123');
CkFtp2_putSocksPassword(ftp,'password123');

// This is the actual FTP server domain or IP address, and the login/password for the user account on the destination FTP server.
CkFtp2_putHostname(ftp,'ftp.someFtpServer.com');
CkFtp2_putUsername(ftp,'myLogin');
CkFtp2_putPassword(ftp,'myPassword');
CkFtp2_putAuthTls(ftp,True);

// Connect and login (via the SSH tunnel) to the FTP server.
success := CkFtp2_Connect(ftp);
if (success <> True) then
  begin
    Memo1.Lines.Add(CkFtp2__lastErrorText(ftp));
    Exit;
  end;

// Change to the remote directory where the file is located.
// This step is only necessary if the file is not in the root directory
// for the FTP account.
success := CkFtp2_ChangeRemoteDir(ftp,'junk');
if (success <> True) then
  begin
    Memo1.Lines.Add(CkFtp2__lastErrorText(ftp));
    Exit;
  end;

localFilename := 'c:/temp/hamlet.xml';
remoteFilename := 'hamlet.xml';

// Download a file.  (the data connection is also automatically established through the 
// SSH tunnel using dynamic port forwarding..)
success := CkFtp2_GetFile(ftp,remoteFilename,localFilename);
if (success <> True) then
  begin
    Memo1.Lines.Add(CkFtp2__lastErrorText(ftp));
    Exit;
  end;

// The disconnect is disconnecting with the FTP server and closes the SSH tunnel.
// The background tunnel thread is still running, and may be used for subsequent FTP connections,
// or even connections for any other purpose, such as HTTP, IMAP, SMTP, POP3, etc.
success := CkFtp2_Disconnect(ftp);

// When the app is finished with the tunnel, it can cleanup..

// Stop the background listen/accept thread:
waitForThreadExit := True;
success := CkSshTunnel_StopAccepting(tunnel,waitForThreadExit);
if (success <> True) then
  begin
    Memo1.Lines.Add(CkSshTunnel__lastErrorText(tunnel));
    Exit;
  end;

// Close the SSH tunnel (would also kick any remaining connected clients).
success := CkSshTunnel_CloseTunnel(tunnel,waitForThreadExit);
if (success <> True) then
  begin
    Memo1.Lines.Add(CkSshTunnel__lastErrorText(tunnel));
    Exit;
  end;

CkSshTunnel_Dispose(tunnel);
CkFtp2_Dispose(ftp);

end;