My server is updating software and they say they will start limiting connections to secure protocol, using "explicit FTP over TLS" in active mode.
Which of the options in Core FTP LE will match that? I see these available:
AUTH SSL
AUTH TLS
FTPS (SSL DIRECT)
SSH/SFTP
Thanks for any help
what's the option for explicit FTP over TLS?
-
ForumAdmin
- Site Admin
- Posts: 987
- Joined: Mon Mar 24, 2003 4:37 am
explicit FTP over TLS
Choosing "AUTH TLS" allows me to log in but directory will not load. Had same problem using Filezilla. Fix was to choose "Require explicit FTP over TLS". "Use explicit FTP over TLS if available" does not work.
Using Filezilla for this one account is a workaround, but I went to Core so could get away from using Filezilla.
Using Filezilla for this one account is a workaround, but I went to Core so could get away from using Filezilla.
-
ForumAdmin
- Site Admin
- Posts: 987
- Joined: Mon Mar 24, 2003 4:37 am
Didn't work. Here is the log:
220-You are user number 1 of 50 allowed.
220-Local time is now 15:05. Server port: 21.
220-This is a private system - No anonymous login
220-IPv6 connections are also welcome on this server.
220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
AUTH TLS
234 AUTH TLS OK.
TLSv1, cipher TLSv1/SSLv3 (DHE-RSA-AES128-SHA) - 128 bit
USER care
331 User care OK. Password required
PASS **********
230 OK. Current restricted directory is /
SYST
215 UNIX Type: L8
Keep alive off...
PWD
257 "/" is your current location
PBSZ 0
200 PBSZ=0
PROT P
200 Data protection level set to "private"
PASV
227 Entering Passive Mode (50,22,145,27,127,222)
LIST
Connect socket #1564 to 50.22.145.27, port 32734...
TLSv1, cipher TLSv1/SSLv3 (DHE-RSA-AES128-SHA) - 128 bit
150 Accepted data connection
LIST command failed
Error loading directory...
220-You are user number 1 of 50 allowed.
220-Local time is now 15:05. Server port: 21.
220-This is a private system - No anonymous login
220-IPv6 connections are also welcome on this server.
220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
AUTH TLS
234 AUTH TLS OK.
TLSv1, cipher TLSv1/SSLv3 (DHE-RSA-AES128-SHA) - 128 bit
USER care
331 User care OK. Password required
PASS **********
230 OK. Current restricted directory is /
SYST
215 UNIX Type: L8
Keep alive off...
PWD
257 "/" is your current location
PBSZ 0
200 PBSZ=0
PROT P
200 Data protection level set to "private"
PASV
227 Entering Passive Mode (50,22,145,27,127,222)
LIST
Connect socket #1564 to 50.22.145.27, port 32734...
TLSv1, cipher TLSv1/SSLv3 (DHE-RSA-AES128-SHA) - 128 bit
150 Accepted data connection
LIST command failed
Error loading directory...
-
ForumAdmin
- Site Admin
- Posts: 987
- Joined: Mon Mar 24, 2003 4:37 am
Indicate the build that it's not working with...
These few lines indicate that the "SSL Listing" option is not unchecked:
LIST
Connect socket #1564 to 50.22.145.27, port 32734...
*TLSv1, cipher TLSv1/SSLv3 (DHE-RSA-AES128-SHA) - 128 bit*
150 Accepted data connection
This is the log you should see with the "SSL Listing" option unchecked:
Welcome to Core FTP, release ver 2.2, build 1871 (x64) -- © 2003-2014
WinSock 2.0
Mem -- 8,303,552 KB, Virt -- 8,589,934,464 KB
Started on Tuesday February 09, 2016 at 12:01:PM
Resolving ftp.pureftpd--.org...
Connect socket #916 to 91.121.49.42, port 21...
220---------- Welcome to Pure-FTPd 1.0.42 [privsep] [TLS] ----------
220-You are user number 1 of 50 allowed.
220-Local time is now 21:03. Server port: 21.
220-IPv6 connections are also welcome on this server.
220---------- Welcome to Pure-FTPd 1.0.42 [privsep] [TLS] ----------
AUTH TLS
234 AUTH TLS OK.
TLSv1.2, cipher TLSv1/SSLv3 (ECDHE-RSA-AES128-GCM-SHA256) - 128 bit
USER anonymous
230 Anonymous user logged in
SYST
215 UNIX Type: L8
Keep alive off...
PWD
257 "/" is your current location
PBSZ 0
200 PBSZ=0
PROT C
200 Data protection level set to "clear"
PASV
227 Entering Passive Mode (91,121,49,42,53,247)
LIST
Connect socket #480 to 91.121.49.42, port 13815...
150 Accepted data connection
226-Options: -l
226 37 matches total
Transferred 3,199 bytes in 0.005 seconds
These few lines indicate that the "SSL Listing" option is not unchecked:
LIST
Connect socket #1564 to 50.22.145.27, port 32734...
*TLSv1, cipher TLSv1/SSLv3 (DHE-RSA-AES128-SHA) - 128 bit*
150 Accepted data connection
This is the log you should see with the "SSL Listing" option unchecked:
Welcome to Core FTP, release ver 2.2, build 1871 (x64) -- © 2003-2014
WinSock 2.0
Mem -- 8,303,552 KB, Virt -- 8,589,934,464 KB
Started on Tuesday February 09, 2016 at 12:01:PM
Resolving ftp.pureftpd--.org...
Connect socket #916 to 91.121.49.42, port 21...
220---------- Welcome to Pure-FTPd 1.0.42 [privsep] [TLS] ----------
220-You are user number 1 of 50 allowed.
220-Local time is now 21:03. Server port: 21.
220-IPv6 connections are also welcome on this server.
220---------- Welcome to Pure-FTPd 1.0.42 [privsep] [TLS] ----------
AUTH TLS
234 AUTH TLS OK.
TLSv1.2, cipher TLSv1/SSLv3 (ECDHE-RSA-AES128-GCM-SHA256) - 128 bit
USER anonymous
230 Anonymous user logged in
SYST
215 UNIX Type: L8
Keep alive off...
PWD
257 "/" is your current location
PBSZ 0
200 PBSZ=0
PROT C
200 Data protection level set to "clear"
PASV
227 Entering Passive Mode (91,121,49,42,53,247)
LIST
Connect socket #480 to 91.121.49.42, port 13815...
150 Accepted data connection
226-Options: -l
226 37 matches total
Transferred 3,199 bytes in 0.005 seconds
I can connect, but not list the directories. Is there some setting the must be changed? Here is the log:
Welcome to Core FTP, release ver 2.2, build 1871 (x64) -- © 2003-2014
WinSock 2.0
Mem -- 8,326,976 KB, Virt -- 137,438,953,344 KB
Started on Thursday April 14, 2016 at 17:35:PM
Resolving stm.experian.com...
Connect socket #1096 to 205.174.34.41, port 21...
220-This System Is For Authorized Users Only.
220-
220-
220-This System Is For Authorized Users Only.
AUTH TLS
234 TLSv1
USER ca_123456
331 Password required for ca_123456.
PASS **********
230 virtual user ca_123456 logged in from /68.8.18.108:27935.
SYST
215 UNIX Type: L8
Keep alive off...
PWD
257 "/" is current directory.
PBSZ 0
200 PBSZ=0
PROT C
200 Command PROT okay.
PASV
227 Entering Passive Mode (10,8,113,90,245,59)
LIST
Connect socket #1244 to 68.8.18.108, port 62779...
timeout
Welcome to Core FTP, release ver 2.2, build 1871 (x64) -- © 2003-2014
WinSock 2.0
Mem -- 8,326,976 KB, Virt -- 137,438,953,344 KB
Started on Thursday April 14, 2016 at 17:35:PM
Resolving stm.experian.com...
Connect socket #1096 to 205.174.34.41, port 21...
220-This System Is For Authorized Users Only.
220-
220-
220-This System Is For Authorized Users Only.
AUTH TLS
234 TLSv1
USER ca_123456
331 Password required for ca_123456.
PASS **********
230 virtual user ca_123456 logged in from /68.8.18.108:27935.
SYST
215 UNIX Type: L8
Keep alive off...
PWD
257 "/" is current directory.
PBSZ 0
200 PBSZ=0
PROT C
200 Command PROT okay.
PASV
227 Entering Passive Mode (10,8,113,90,245,59)
LIST
Connect socket #1244 to 68.8.18.108, port 62779...
timeout
-
ForumAdmin
- Site Admin
- Posts: 987
- Joined: Mon Mar 24, 2003 4:37 am