Problem using sftp with Unix client and LFTP
Posted: Tue Apr 01, 2008 3:52 pm
I have a client who uses lftp with unix to do secure ftp with other clients. My ftp connection is the only one he is havng problems with.
Looks like like he connects OK but when he tries to do the file transfer it bombs. Any info you could provide would be great.
Here is the logs from the session.
# lftp
lftp :~> debug
lftp :~> set ftp:port-range xxxxx-xxxxx
lftp :~> open ftp://cerner@xxx.xxxx.xx.gov:22
Password:
---- Resolving host address...
---- 1 address found
lftp cerner@xxx.xxxx.xx.gov:~> ls
---- Connecting to ftp.xxxx.xx.xxx (165.xxx.xx.xx) port 22
<--- 220-Core FTP Server Version 1.0, build 151 Registered
<--- 220
---> FEAT
<--- 211-Extensions supported
<--- AUTH SSL
<--- MODE Z
<--- 211 END
**** AUTH TLS is not supported, using AUTH SSL instead
---> AUTH SSL
<--- 234 SSL enabled... start negotiation
---> USER xxxxx
Certificate depth: 1; subject: /DC=xxx/DC=xxxx/CN=xxxx Issuing CA; ssuer: /CN=xxxx Intermediate CA
WARNING: Certificate verification: unable to get local issuer certificate
WARNING: Certificate verification: certificate not trusted
Certificate depth: 0; subject: /C=US/ST=xxxx/L=xx/O=xxx/OU=xxx ISC/CN=xxx.xxx.xx.xxx; issuer: /DC=xxx/DC=xxx/CN=xxxx Issu
ing CA
<--- 331 password required for ?????
---> PASS XXXX
<--- 230-Logged on
<--- 230
---> PWD
<--- 257 "/" is current directory
---> PBSZ 0
<--- 200 PBSZ set to PBSZ 0
---> PASV
<--- 227 Entering Passive Mode (xxx,xx,x,x,xxx,xx).
---- Address returned by PASV seemed to be incorrect and has been fixed
---- Connecting data socket to (xxx.xxx.xx.xxx) port xxxxx
---- Data connection established
---> LIST
<--- 150 Opening ASCII mode data connection
WARNING: Certificate verification: unable to get local issuer certificate
WARNING: Certificate verification: certificate not trusted
Certificate depth: 0; ubject: /C=US/ST=xxx/L=Txx/O=KHPA/OU=xxxDISC/CN=xxx.xxxx.xx.x; issuer: /DC=DMZ/DC=xxxx/CN=xxxx Issu
ing CA
<--- 226 Transfer Complete
dr-xr-xrwx 1 owner group 0 Mar 5 21:19 .
---- Got EOF on data connection
---- Closing data socket
dr-xr-xrwx 1 owner group 0 Mar 5 21:19 ..
-r-xr-xrwx 1 owner group 74 Dec 27 2007 test_file_for_cerner.txt
lftp cerner@xxx.xxxx.xx.gov:/> mget test_file_for_cerner.txt
---> PROT C
<--- 200 PROT command OK. Using private data connection.
---> TYPE I
<--- 250 MODE set to I
---> PASV
<--- 227 Entering Passive Mode (xxx,xx,x,x,xxx,xx)..
---- Address returned by PASV seemed to be incorrect and has been fixed
---- Connecting data socket to (xxx.xxx.xx.xxx) port xxxxx
---- Data connection established
---> RETR test_file_for_cerner.txt
<--- 150 RETR command started
Interrupt
---> ABOR
---- Closing aborted data socket
<--- 550 RETR failed...
<--- 502 Nothing to abort
Regards,
rd
Looks like like he connects OK but when he tries to do the file transfer it bombs. Any info you could provide would be great.
Here is the logs from the session.
# lftp
lftp :~> debug
lftp :~> set ftp:port-range xxxxx-xxxxx
lftp :~> open ftp://cerner@xxx.xxxx.xx.gov:22
Password:
---- Resolving host address...
---- 1 address found
lftp cerner@xxx.xxxx.xx.gov:~> ls
---- Connecting to ftp.xxxx.xx.xxx (165.xxx.xx.xx) port 22
<--- 220-Core FTP Server Version 1.0, build 151 Registered
<--- 220
---> FEAT
<--- 211-Extensions supported
<--- AUTH SSL
<--- MODE Z
<--- 211 END
**** AUTH TLS is not supported, using AUTH SSL instead
---> AUTH SSL
<--- 234 SSL enabled... start negotiation
---> USER xxxxx
Certificate depth: 1; subject: /DC=xxx/DC=xxxx/CN=xxxx Issuing CA; ssuer: /CN=xxxx Intermediate CA
WARNING: Certificate verification: unable to get local issuer certificate
WARNING: Certificate verification: certificate not trusted
Certificate depth: 0; subject: /C=US/ST=xxxx/L=xx/O=xxx/OU=xxx ISC/CN=xxx.xxx.xx.xxx; issuer: /DC=xxx/DC=xxx/CN=xxxx Issu
ing CA
<--- 331 password required for ?????
---> PASS XXXX
<--- 230-Logged on
<--- 230
---> PWD
<--- 257 "/" is current directory
---> PBSZ 0
<--- 200 PBSZ set to PBSZ 0
---> PASV
<--- 227 Entering Passive Mode (xxx,xx,x,x,xxx,xx).
---- Address returned by PASV seemed to be incorrect and has been fixed
---- Connecting data socket to (xxx.xxx.xx.xxx) port xxxxx
---- Data connection established
---> LIST
<--- 150 Opening ASCII mode data connection
WARNING: Certificate verification: unable to get local issuer certificate
WARNING: Certificate verification: certificate not trusted
Certificate depth: 0; ubject: /C=US/ST=xxx/L=Txx/O=KHPA/OU=xxxDISC/CN=xxx.xxxx.xx.x; issuer: /DC=DMZ/DC=xxxx/CN=xxxx Issu
ing CA
<--- 226 Transfer Complete
dr-xr-xrwx 1 owner group 0 Mar 5 21:19 .
---- Got EOF on data connection
---- Closing data socket
dr-xr-xrwx 1 owner group 0 Mar 5 21:19 ..
-r-xr-xrwx 1 owner group 74 Dec 27 2007 test_file_for_cerner.txt
lftp cerner@xxx.xxxx.xx.gov:/> mget test_file_for_cerner.txt
---> PROT C
<--- 200 PROT command OK. Using private data connection.
---> TYPE I
<--- 250 MODE set to I
---> PASV
<--- 227 Entering Passive Mode (xxx,xx,x,x,xxx,xx)..
---- Address returned by PASV seemed to be incorrect and has been fixed
---- Connecting data socket to (xxx.xxx.xx.xxx) port xxxxx
---- Data connection established
---> RETR test_file_for_cerner.txt
<--- 150 RETR command started
Interrupt
---> ABOR
---- Closing aborted data socket
<--- 550 RETR failed...
<--- 502 Nothing to abort
Regards,
rd