proftpd tls/ssl a filezilla (vyřešeno)

testujem sftp, ale mam nejaky problem pripojit sa s filezillou (vo win cez total commander s prislusnymi kniznicami to funguje).
Pozrel som log, ale nejak v tom nevidim nic zle
filezilla

Status:	Connecting to 192.168.1.3:21...
Status:	Connection established, waiting for welcome message...
Response:	220 FTP Server ready.
Command:	AUTH TLS
Response:	234 AUTH TLS successful
Status:	Initializing TLS...
Status:	Verifying certificate...
Command:	USER prvy_klient
Status:	TLS/SSL connection established.
Response:	331 Password required for prvy_klient
Command:	PASS *******
Response:	230 User prvy_klient logged in
Command:	OPTS UTF8 ON
Response:	200 UTF8 set to on
Command:	PBSZ 0
Response:	200 PBSZ 0 successful
Command:	PROT P
Response:	200 Protection set to Private
Status:	Connected
Status:	Retrieving directory listing...
Command:	PWD
Response:	257 "/" is the current directory
Command:	TYPE I
Response:	200 Type set to I
Command:	PASV
Response:	227 Entering Passive Mode (192,168,1,3,180,158).
Command:	MLSD
Error:	Connection timed out
Error:	Failed to retrieve directory listing

A tuje log z tls.log

2016-03-31 15:40:35,287 mod_tls/2.4.5[30764]: TLSOption EnableDiags enabled, setting diagnostics callback
2016-03-31 15:40:35,294 mod_tls/2.4.5[30764]: TLS/TLS-C requested, starting TLS handshake
2016-03-31 15:40:35,294 mod_tls/2.4.5[30764]: [info] accepting: before/accept initialization
2016-03-31 15:40:35,294 mod_tls/2.4.5[30764]: [info] accepting: unknown state
2016-03-31 15:40:35,304 mod_tls/2.4.5[30764]: [msg] received message of unknown version (771) (86 bytes)
2016-03-31 15:40:35,304 mod_tls/2.4.5[30764]: [info] accepting: SSLv3 read client hello A
2016-03-31 15:40:35,304 mod_tls/2.4.5[30764]: [msg] sent message of unknown version (771) (81 bytes)
2016-03-31 15:40:35,305 mod_tls/2.4.5[30764]: [info] accepting: SSLv3 write server hello A
2016-03-31 15:40:35,305 mod_tls/2.4.5[30764]: [msg] sent message of unknown version (771) (875 bytes)
2016-03-31 15:40:35,305 mod_tls/2.4.5[30764]: [info] accepting: SSLv3 write certificate A
2016-03-31 15:40:35,320 mod_tls/2.4.5[30764]: [msg] sent message of unknown version (771) (527 bytes)
2016-03-31 15:40:35,320 mod_tls/2.4.5[30764]: [info] accepting: SSLv3 write key exchange A
2016-03-31 15:40:35,321 mod_tls/2.4.5[30764]: [msg] sent message of unknown version (771) (4 bytes)
2016-03-31 15:40:35,321 mod_tls/2.4.5[30764]: [info] accepting: SSLv3 write server done A
2016-03-31 15:40:35,321 mod_tls/2.4.5[30764]: [info] accepting: SSLv3 flush data
2016-03-31 15:40:35,321 mod_tls/2.4.5[30764]: [info] accepting: SSLv3 read client certificate A
2016-03-31 15:40:35,321 mod_tls/2.4.5[30764]: [info] accepting: SSLv3 read client certificate A
2016-03-31 15:40:35,351 mod_tls/2.4.5[30764]: [msg] received message of unknown version (771) (134 bytes)
2016-03-31 15:40:35,354 mod_tls/2.4.5[30764]: [info] accepting: SSLv3 read client key exchange A
2016-03-31 15:40:35,354 mod_tls/2.4.5[30764]: [msg] received message of unknown version (771) (1 byte)
2016-03-31 15:40:35,355 mod_tls/2.4.5[30764]: [msg] received message of unknown version (771) (16 bytes)
2016-03-31 15:40:35,355 mod_tls/2.4.5[30764]: [info] accepting: SSLv3 read finished A
2016-03-31 15:40:35,355 mod_tls/2.4.5[30764]: [msg] sent message of unknown version (771) (1 byte)
2016-03-31 15:40:35,355 mod_tls/2.4.5[30764]: [info] accepting: SSLv3 write change cipher spec A
2016-03-31 15:40:35,355 mod_tls/2.4.5[30764]: [msg] sent message of unknown version (771) (16 bytes)
2016-03-31 15:40:35,355 mod_tls/2.4.5[30764]: [info] accepting: SSLv3 write finished A
2016-03-31 15:40:35,355 mod_tls/2.4.5[30764]: [info] accepting: SSLv3 flush data
2016-03-31 15:40:35,355 mod_tls/2.4.5[30764]: [info] ok: SSL negotiation finished successfully
2016-03-31 15:40:35,355 mod_tls/2.4.5[30764]: [info] accepting: SSL negotiation finished successfully
2016-03-31 15:40:35,355 mod_tls/2.4.5[30764]: client supports secure renegotiations
2016-03-31 15:40:35,355 mod_tls/2.4.5[30764]: TLSv1/SSLv3 connection accepted, using cipher DHE-RSA-AES128-SHA256 (128 bits)
2016-03-31 15:40:51,033 mod_tls/2.4.5[30764]: Protection set to Private

upozornujem, ze v linuxe som vecny zaciatocnik ...

Jinak v tom logu ti to chcípne u příkazu MLSD, který filezilla pošle.
Otázkou tedy je, zda máš správně nastavený porty pro pasivní režim (jak v rámci proftpd serveru, tak v rámci firewallu)?
Protože při připojení z TC jsi mohl použít aktivní režim a v případě filezilly pasivní a problém je na světě.
Zdar Max

Měl jsem sen ... :(

31.3.2016 20:48 jany2 | skóre: 30 | blog: jany_blog
Rozbalit Rozbalit vše Re: proftpd tls/ssl a filezilla

dofrasa ... no pomylil som sa (v jednom pismenku (chcel som napisat ftps)), jasne, ze sa nejedna o ssh ftp, ale o ftp tls/ssl. Ved log som dal z tls.
BTW uz to funguje, a ako si napisal stacilo nastavit transfer mode na active.
thx

upozornujem, ze v linuxe som vecny zaciatocnik ...

2.4.2016 13:06 jany2 | skóre: 30 | blog: jany_blog
Rozbalit Rozbalit vše Re: proftpd tls/ssl a filezilla

Este by som chcel vediet ci to je OK. Ak sa prihlasim bez zabezpecenia (bez tls) tak ma to prihlasi okamzite (prihlasenie trva zlomok sekundy). Ak sa vsak prihlasujem zabezpecene, tak to trva cca do 3-4 sekund.

upozornujem, ze v linuxe som vecny zaciatocnik ...

Dotaz: proftpd tls/ssl a filezilla

Odpovědi