This project is read-only.

Cerberus Problem

Apr 19, 2012 at 7:43 PM

I downloaded the latest AlexFTPS Client 1.1.0.

With FileZilla Server setup for FTPS I issued this command:

ftps -h ftp.myserver.com -port 21 -ssl All -U myuser –l

It worked fine.

I tried the same thing with Cerberus FTP Server 5.0.2.0 setup for FTPS and get this error message:

[2012-04-19 12:28:51]:CONNECT [     0] - FTP connection request accepted from x.x.x.x
[2012-04-19 12:28:51]:COMMAND [     0] - AUTH TLS
[2012-04-19 12:28:51]:  REPLY [     0] - 234 Authentication method accepted

[2012-04-19 12:28:51]:CONNECT [     0] - SSL connection using TLSv1/SSLv3 (RC4-MD5), 128 bit encryption
[2012-04-19 12:28:51]:CONNECT [     0] - SSL connection established
[2012-04-19 12:28:54]:COMMAND [     0] - USER myuser
[2012-04-19 12:28:54]:  REPLY [     0] - 530 User not authorized to login with this protocol

[2012-04-19 12:28:54]:COMMAND [     0] - QUIT
[2012-04-19 12:28:54]:CONNECT [     0] - Connection terminated

 Does anyone know what this is about, or has anyone used AlexFTPS Client with Cerberus FTP Server?


Thank you,

Whitney Peace

 


Apr 19, 2012 at 9:53 PM

Looks like an authentication issue on the server.

Can you successfully login with another client, e.g. FileZilla? In case can you post a log?

 

Alessandro

Apr 23, 2012 at 5:00 PM

Thanks you for getting back.

Here is the Cerberus log file from successfully logging in from FileZilla client:

2012-04-23 11:52:34]:CONNECT [     1] - Incoming connection request on FTPS interface 1 at xxx.xxx.xxx.xxx
[2012-04-23 11:52:34]:CONNECT [     1] - FTPS connection request accepted from 192.168.2.71
[2012-04-23 11:52:34]:CONNECT [     1] - SSL connection using TLSv1/SSLv3 (DHE-RSA-AES128-SHA), 128 bit encryption
[2012-04-23 11:52:36]:COMMAND [     1] - USER tester
[2012-04-23 11:52:36]:  REPLY [     1] - 331 User tester, password please

[2012-04-23 11:52:36]:COMMAND [     1] - PASS ***********
[2012-04-23 11:52:36]:CONNECT [     1] - Native user 'tester' authenticated
[2012-04-23 11:52:36]:  REPLY [     1] - 230 Password Ok, User logged in - This is an UNLICENSED copy of Cerberus FTP Server Personal edition

[2012-04-23 11:52:36]:COMMAND [     1] - SYST
[2012-04-23 11:52:36]:  REPLY [     1] - 215 UNIX Type: L8

[2012-04-23 11:52:36]:COMMAND [     1] - FEAT
[2012-04-23 11:52:36]:  REPLY [     1] - 211- Additional features supported include:
 MDTM
 MFCT
 MFMT
 SIZE
 REST STREAM
 AUTH TLS
 AUTH SSL
 PBSZ
 EPRT
 EPSV
 XCRC
 XSHA1
 XSHA256
 XSHA512
 XMD5
 HASH SHA-256;SHA-512;SHA-1*;MD5
 PROT
 LANG EN*
 SITE PSWD
 SITE ZONE
 SITE UTIME
 MLST Type*;Size*;Modify*;Create*;
 CLNT
 CSID
 RMDA
 UTF8
211 End

[2012-04-23 11:52:36]:COMMAND [     1] - CLNT FileZilla
[2012-04-23 11:52:36]:  REPLY [     1] - 200 Command okay

[2012-04-23 11:52:36]:COMMAND [     1] - OPTS UTF8 ON
[2012-04-23 11:52:36]:  REPLY [     1] - 220 UTF8 support on

[2012-04-23 11:52:36]:COMMAND [     1] - PBSZ 0
[2012-04-23 11:52:36]:  REPLY [     1] - 200 PBSZ=0

[2012-04-23 11:52:36]:COMMAND [     1] - PROT P
[2012-04-23 11:52:36]:  REPLY [     1] - 200 PROT P OK, data channel will be secured

[2012-04-23 11:52:36]:COMMAND [     1] - PWD
[2012-04-23 11:52:36]:  REPLY [     1] - 257 "/" is the current directory

[2012-04-23 11:52:36]:COMMAND [     1] - TYPE I
[2012-04-23 11:52:36]:  REPLY [     1] - 200 Type Binary

[2012-04-23 11:52:36]:COMMAND [     1] - PORT 192,168,2,71,14,119
[2012-04-23 11:52:36]:  REPLY [     1] - 200 Port command received

[2012-04-23 11:52:36]:COMMAND [     1] - MLSD
[2012-04-23 11:52:36]:  REPLY [     1] - 150 Opening data connection

[2012-04-23 11:52:37]:CONNECT [     1] - SSL connection using TLSv1/SSLv3 (DHE-RSA-AES128-SHA), 128 bit encryption
[2012-04-23 11:52:37]:CONNECT [     1] - SSL data connection established
[2012-04-23 11:52:37]:  REPLY [     1] - 226 Transfer complete

Thank you,

Whitney Peace

 

Apr 24, 2012 at 8:24 AM

Whitney,

it looks like you  are doing an Implicit FTPS connection. Here's an example:

ftps -h ftp.myserver.com -port 21 -ssl Implicit -U myuser –l

 

Best,

Alessandro

Apr 24, 2012 at 5:50 PM

Alessandro,

I tried this.

Here is from my client:

> ftps -h ftp.myserver.com -port 21 -ssl Implicit -U myuser -l
Alex FTPS version 1.1.0
Copyright (C) Alessandro Pilotti 2008-2009

http://www.codeplex.com/ftps
info@pilotti.it

This is free software, you may use it under the terms of
the LGPL license 

Password: ********

ERROR: The handshake failed due to an unexpected packet format.

---

Here is from the server's log file:

[2012-04-24 10:32:28]:CONNECT [ 3] - Incoming connection request on FTP interface 0 at xxx.xxx.xxx.xxx [2012-04-24 10:32:28]:CONNECT [ 3] - FTP connection request accepted from 192.168.2.71 [2012-04-24 10:32:29]:CONNECT [ 3] - Closing connection: An existing connection was forcibly closed by the remote host. [2012-04-24 10:32:29]:CONNECT [ 3] - Connection terminated ---
Any ideas on the "unexpected packet format"?

Thank you for your help,

Whitney

Apr 24, 2012 at 8:33 PM

Hi,

looks like your server is refusing to enstablish an encrypted communication with the client.

Are you sure that the server is answering on port 21 for implicit FTPS?

The default port for implicit FTPS is 990.

 

Alessandro 

Apr 25, 2012 at 8:12 PM

Alessandro,

You have given me a lead on the problem.

I will report back on the CodePlex site when I have it solved.

Thank you,

Whitney Peace

From: alexp [email removed]
Sent: Tuesday, April 24, 2012 3:33 PM
To: Peace, Whit (IS)
Subject: EXT :Re: Cerberus Problem [ftps:352878]

From: alexp

Hi,

looks like your server is refusing to enstablish an encrypted communication with the client.

Are you sure that the server is answering on port 21 for implicit FTPS?

The default port for implicit FTPS is 990.

Alessandro