Loading ...
Sorry, an error occurred while loading the content.
 

Re: [nslu2-general] Proftpd error message

Expand Messages
  • steve pegg
    Brilliant, thanks for your help and follow-up. Working great now. Regards Steve ... From: Robert Hammond To:
    Message 1 of 5 , Feb 26, 2007
      Brilliant, thanks for your help and follow-up. Working great now.
      Regards Steve


      ----- Original Message ----
      From: Robert Hammond <rob.hammond@...>
      To: nslu2-general@yahoogroups.com
      Sent: Sunday, 25 February, 2007 10:18:43 PM
      Subject: Re: [nslu2-general] Proftpd error message

      In message <IcjqPEOvPg4FFwPT@ ntlworld. com>, Robert Hammond
      <rob.hammond@ ntlworld. com> writes
      >In message <LzZakONG+f4FFwcb@ ntlworld. com>, Robert Hammond
      ><rob.hammond@ ntlworld. com> writes
      >>In message <erosvh+815s@ eGroups.com>, steve pegg <SJP700@HOTMAIL. COM>
      >>writes
      >>>Can anyone help with the error message; PROT cmd failed... see below
      >>>
      >>>UTH SSL
      >>>234 AUTH SSL successful
      >>>TLSv1, cipher TLSv1/SSLv3 (DHE-RSA-AES256- SHA) - 256 bit
      >>>USER steve
      >>>331 Password required for steve.
      >>>PASS **********
      >>>230 User steve logged in.
      >>>SYST
      >>>215 UNIX Type: L8
      >>>Keep alive off...
      >>>PWD
      >>>257 "/" is current directory.
      >>>PBSZ 0
      >>>200 PBSZ 0 successful
      >>>PROT C
      >>>534 Unwilling to accept security parameters
      >>>PROT cmd failed...
      >>>PASV
      >>>227 Entering Passive Mode (192,168,1,77, 195,84).
      >>>LIST
      >>>
      >>PROT C is being sent by your FTP client, the PROT C command is telling
      >>the server not to encrypt the data channel.
      >>
      >>But I think that this is not supported with the Proftpd setting
      >>TLSProtocol SSLv23. Setting TLSProtocol SSLv23 will only accept a
      >>client that requests control channel encrypted SSL3 and data channel
      >>encrypted TLS1.
      >>
      >>Firstly this is a client issue and there is probably a tick box
      >>somewhere in your client setup to enable data encryption.
      >>
      >>If not then there is possible fix for this with Proftpd.
      >>
      >>Setting TLSProtocol SSLv3 is supposed to only encrypt using SSL3, this
      >>infers only encrypting the control channel. I have never seen any
      >>documentation regarding this feature so it may not work with your
      >>client.
      >>
      >I have this wrong, with most clients only the TLSProtocol SSLv23
      >setting will work.
      >
      >The setting that you would need to change is :-
      >
      >from
      >
      >TLSRequired on (Require SSL/TLS on both channels)
      >
      >to
      >
      >TLSRequired ctrl (Require SSL/TLS on the control channel only)
      >
      >I may update the Wiki regarding this.
      >
      Wiki script section updated to cover encryption of just the control
      channel (encrypts user name and password).

      <http://www.nslu2- linux.org/ wiki/Optware/ Proftpd>

      --
      Robert Hammond
      PGP:0x154144DA





      ___________________________________________________________
      Copy addresses and emails from any email account to Yahoo! Mail - quick, easy and free. http://uk.docs.yahoo.com/trueswitch2.html

      [Non-text portions of this message have been removed]
    Your message has been successfully submitted and would be delivered to recipients shortly.