We have a vendor who requires us to upload data via FTPS (NOT SFTP) using passive mode and explicit SSL. This seems to work fine using WinSCP, but I have not been able to get the same results via lftp. I was hoping someone might be able to spot what I am doing wrong. Here is a transcript of my session with debugging set to 13 (and our password x'ed out):
------------------------------------------BEGIN SESSION--------------------------------- lftp :~> set ftp:ssl-protect-data true lftp :~> set ftp:ssl-force true lftp :~> set ftp:ssl-auth SSL lftp :~> open -uVendorQOH,xxxxxxxx -p990 ftp://fastedi.fastenal.com lftp vendor...@fastedi.fastenal.com:~> ls ls: Fatal error: gnutls_handshake: A TLS fatal alert has been received. lftp vendor...@fastedi.fastenal.com:~> put PMSC2012-07-24.XML Interrupt lftp vendor...@fastedi.fastenal.com:~> set ftp:auto-passive-mode yes lftp vendor...@fastedi.fastenal.com:~> put PMSC2012-07-24.XML Interrupt lftp vendor...@fastedi.fastenal.com:~> set ftp:passive-mode on lftp vendor...@fastedi.fastenal.com:~> put PMSC2012-07-24.XML Interrupt lftp vendor...@fastedi.fastenal.com:~> debug 5 lftp vendor...@fastedi.fastenal.com:~> put PMSC2012-07-24.XML ---- Connecting to fastedi.fastenal.com (205.243.112.67) port 990 <--- 220 Welcome to Fastenal FTP Production ---> FEAT <--- 530 Not logged in. ---> AUTH SSL <--- 234 Security data exchange complete. ---> USER VendorQOH **** gnutls_handshake: A TLS packet with unexpected length was received. Interrupt lftp vendor...@fastedi.fastenal.com:~> debug 13 lftp vendor...@fastedi.fastenal.com:~> put PMSC2012-07-24.XML FileCopy(0x8d1fa48) enters state INITIAL FileCopy(0x8d1fa48) enters state DO_COPY ---- dns cache hit ---- Connecting to fastedi.fastenal.com (205.243.112.67) port 990 <--- 220 Welcome to Fastenal FTP Production ---> FEAT <--- 530 Not logged in. ---> AUTH SSL <--- 234 Security data exchange complete. ---> USER VendorQOH GNUTLS: HSK[0x8d25ae8]: Keeping ciphersuite: DHE_RSA_AES_128_CBC_SHA1 GNUTLS: HSK[0x8d25ae8]: Keeping ciphersuite: DHE_RSA_CAMELLIA_128_CBC_SHA1 GNUTLS: HSK[0x8d25ae8]: Keeping ciphersuite: DHE_RSA_AES_256_CBC_SHA1 GNUTLS: HSK[0x8d25ae8]: Keeping ciphersuite: DHE_RSA_CAMELLIA_256_CBC_SHA1 GNUTLS: HSK[0x8d25ae8]: Keeping ciphersuite: DHE_RSA_3DES_EDE_CBC_SHA1 GNUTLS: HSK[0x8d25ae8]: Keeping ciphersuite: DHE_DSS_AES_128_CBC_SHA1 GNUTLS: HSK[0x8d25ae8]: Keeping ciphersuite: DHE_DSS_CAMELLIA_128_CBC_SHA1 GNUTLS: HSK[0x8d25ae8]: Keeping ciphersuite: DHE_DSS_AES_256_CBC_SHA1 GNUTLS: HSK[0x8d25ae8]: Keeping ciphersuite: DHE_DSS_CAMELLIA_256_CBC_SHA1 GNUTLS: HSK[0x8d25ae8]: Keeping ciphersuite: DHE_DSS_3DES_EDE_CBC_SHA1 GNUTLS: HSK[0x8d25ae8]: Keeping ciphersuite: DHE_DSS_ARCFOUR_SHA1 GNUTLS: HSK[0x8d25ae8]: Removing ciphersuite: DHE_PSK_SHA_AES_128_CBC_SHA1 GNUTLS: HSK[0x8d25ae8]: Removing ciphersuite: DHE_PSK_SHA_AES_256_CBC_SHA1 GNUTLS: HSK[0x8d25ae8]: Removing ciphersuite: DHE_PSK_SHA_3DES_EDE_CBC_SHA1 GNUTLS: HSK[0x8d25ae8]: Removing ciphersuite: DHE_PSK_SHA_ARCFOUR_SHA1 GNUTLS: HSK[0x8d25ae8]: Removing ciphersuite: SRP_SHA_RSA_AES_128_CBC_SHA1 GNUTLS: HSK[0x8d25ae8]: Removing ciphersuite: SRP_SHA_RSA_AES_256_CBC_SHA1 GNUTLS: HSK[0x8d25ae8]: Removing ciphersuite: SRP_SHA_RSA_3DES_EDE_CBC_SHA1 GNUTLS: HSK[0x8d25ae8]: Removing ciphersuite: SRP_SHA_DSS_AES_128_CBC_SHA1 GNUTLS: HSK[0x8d25ae8]: Removing ciphersuite: SRP_SHA_DSS_AES_256_CBC_SHA1 GNUTLS: HSK[0x8d25ae8]: Removing ciphersuite: SRP_SHA_DSS_3DES_EDE_CBC_SHA1 GNUTLS: HSK[0x8d25ae8]: Keeping ciphersuite: RSA_AES_128_CBC_SHA1 GNUTLS: HSK[0x8d25ae8]: Keeping ciphersuite: RSA_CAMELLIA_128_CBC_SHA1 GNUTLS: HSK[0x8d25ae8]: Keeping ciphersuite: RSA_AES_256_CBC_SHA1 GNUTLS: HSK[0x8d25ae8]: Keeping ciphersuite: RSA_CAMELLIA_256_CBC_SHA1 GNUTLS: HSK[0x8d25ae8]: Keeping ciphersuite: RSA_3DES_EDE_CBC_SHA1 GNUTLS: HSK[0x8d25ae8]: Keeping ciphersuite: RSA_ARCFOUR_SHA1 GNUTLS: HSK[0x8d25ae8]: Keeping ciphersuite: RSA_ARCFOUR_MD5 GNUTLS: HSK[0x8d25ae8]: Removing ciphersuite: PSK_SHA_AES_128_CBC_SHA1 GNUTLS: HSK[0x8d25ae8]: Removing ciphersuite: PSK_SHA_AES_256_CBC_SHA1 GNUTLS: HSK[0x8d25ae8]: Removing ciphersuite: PSK_SHA_3DES_EDE_CBC_SHA1 GNUTLS: HSK[0x8d25ae8]: Removing ciphersuite: PSK_SHA_ARCFOUR_SHA1 GNUTLS: HSK[0x8d25ae8]: Removing ciphersuite: SRP_SHA_AES_128_CBC_SHA1 GNUTLS: HSK[0x8d25ae8]: Removing ciphersuite: SRP_SHA_AES_256_CBC_SHA1 GNUTLS: HSK[0x8d25ae8]: Removing ciphersuite: SRP_SHA_3DES_EDE_CBC_SHA1 GNUTLS: EXT[0x8d25ae8]: Sending extension CERT_TYPE GNUTLS: HSK[0x8d25ae8]: CLIENT HELLO was send [88 bytes] GNUTLS: REC[0x8d25ae8]: Sending Packet[0] Handshake(22) with length: 88 GNUTLS: REC[0x8d25ae8]: Sent Packet[1] Handshake(22) with length: 93 **** gnutls_handshake: A TLS packet with unexpected length was received. ---- Closing control socket Interrupt lftp vendor...@fastedi.fastenal.com:~> -------------------------------------------END SESSION----------------------------------- Any ideas? Thanks, -- Gary D. Walborn gwalb...@gmail.com
_______________________________________________ lftp mailing list lftp@uniyar.ac.ru http://univ.uniyar.ac.ru/mailman/listinfo/lftp