On Friday, January 15, 2021 12:02:35 PM CST Andreas Metzler wrote: > Is this reproducible with gnutls-cli? > > ----- > gnutls-cli --starttls-proto=ftp bos-sr-2-36.akliz.net > ... > USER _loginhere_ > PASS _passwordhere_ > PWD > -----
That works:
---8<---
% gnutls-cli --starttls-proto=ftp bos-sr-2-36.akliz.net
Processed 126 CA certificate(s).
Resolving 'bos-sr-2-36.akliz.net:ftp'...
Connecting to '8.48.33.7:21'...
- Certificate type: X.509
- Got a certificate list of 2 certificates.
- Certificate[0] info:
- subject `CN=bos-sr-2-36.akliz.net', issuer `CN=R3,O=Let's Encrypt,C=US',
serial 0x03f0eed09043a9a3dbf803d708af1c69e2cb, RSA key 2048 bits, signed using
RSA-SHA256, activated `2020-12-03 23:00:42 UTC', expires `2021-03-03 23:00:42
UTC', pin-sha256="69VuNIHD0lVaLOn9/cadykjHGtIcENyTp7HOQC+ppts="
Public Key ID:
sha1:aaf17878dc41169ab8998a5244753fb5440fb852
sha256:ebd56e3481c3d2555a2ce9fdfdc69dca48c71ad21c10dc93a7b1ce402fa9a6db
Public Key PIN:
pin-sha256:69VuNIHD0lVaLOn9/cadykjHGtIcENyTp7HOQC+ppts=
- Certificate[1] info:
- subject `CN=R3,O=Let's Encrypt,C=US', issuer `CN=DST Root CA X3,O=Digital
Signature Trust Co.', serial 0x400175048314a4c8218c84a90c16cddf, RSA key 2048
bits, signed using RSA-SHA256, activated `2020-10-07 19:21:40 UTC', expires
`2021-09-29 19:21:40 UTC', pin-
sha256="jQJTbIh0grw0/1TkHSumWb+Fs0Ggogr621gT3PvPKG0="
- Status: The certificate is trusted.
- Successfully sent 0 certificate(s) to server.
- Description: (TLS1.0-X.509)-(ECDHE-SECP256R1)-(AES-128-CBC)-(SHA1)
- Session ID: 78:CC:6C:F1:66:01:CA:0C:7A:4E:FC:FF:DA:04:59:30:44:7C:
81:B7:59:44:6D:44:71:56:72:62:EA:DA:0E:41
- Options: safe renegotiation,
- Handshake was completed
- Simple Client Mode:
USER boyd.stephen.smith...@gmail.com.125388
331 Please specify the password.
PASS R7Pr6Uq6RC4N7we!
230 Login successful.
PWD
257 "/"
--->8---
But, I clearly don't know enough about raw FTP protocol to get a data transfer
started:
---8<---
LIST
425 Use PORT or PASV first.
PASV
227 Entering Passive Mode (8,48,33,7,4,208).
LIST
522 Data connections must be encrypted.
HELP
214-The following commands are recognized.
ABOR ACCT ALLO APPE CDUP CWD DELE EPRT EPSV FEAT HELP LIST MDTM MKD
MODE NLST NOOP OPTS PASS PASV PORT PWD QUIT REIN REST RETR RMD RNFR
RNTO SITE SIZE SMNT STAT STOR STOU STRU SYST TYPE USER XCUP XCWD XMKD
XPWD XRMD
214 Help OK.
HELP PORT
214-The following commands are recognized.
ABOR ACCT ALLO APPE CDUP CWD DELE EPRT EPSV FEAT HELP LIST MDTM MKD
MODE NLST NOOP OPTS PASS PASV PORT PWD QUIT REIN REST RETR RMD RNFR
RNTO SITE SIZE SMNT STAT STOR STOU STRU SYST TYPE USER XCUP XCWD XMKD
XPWD XRMD
214 Help OK.
CWD /custom-minecraft
250 Directory successfully changed.
NLST
522 Data connections must be encrypted.
PORT
500 Illegal PORT command.
--->8---
Note that connection in both FileZilla and lftp only fails once I try to list
the contents of the current directory. They are port able to connect and
login as well.
--
Boyd Stephen Smith Jr. ,= ,-_-. =.
b...@iguanasuicide.net ((_/)o o(\_))
Twitter: @DaTwinkDaddy `-'(. .)`-'
http://iguanasuicide.net/ \_/
signature.asc
Description: This is a digitally signed message part.
