set ftp:ssl-force yes made no difference. But here is debug 20 level on the client that can successfully connect to the server:
Thanks for the help! lftp [email protected]:~> ls dns cache hit ---- Connecting to host.somedomain.com (XX.XX.XX.XX) port 21 <--- 220---------- Welcome to Pure-FTPd [privsep] [TLS] ---------- <--- 220-You are user number 2 of 38 allowed. <--- 220-Local time is now 14:52. Server port: 21. <--- 220-This is a private system - No anonymous login <--- 220-IPv6 connections are also welcome on this server. <--- 220 You will be disconnected after 15 minutes of inactivity. ---> AUTH TLS <--- 234 AUTH TLS OK. Certificate depth: 1; subject: /C=US/O=Equifax Secure Inc./CN=Equifax Secure Glo bal eBusiness CA-1; issuer: /C=US/O=Equifax Secure Inc./CN=Equifax Secure Global eBusiness CA-1 WARNING: Certificate verification: self signed certificate in certificate chain Certificate depth: 0; subject: /C=US/O=*.somedomain.com/OU=GT04795132/OU=See www.r apidssl.com/resources/cps (c)08/OU=Domain Control Validated - RapidSSL(R)/CN=*.a bclegal.com; issuer: /C=US/O=Equifax Secure Inc./CN=Equifax Secure Global eBusin ess CA-1 ---> USER user <--- 331 User user OK. Password required ---> PASS XXXX <--- 530 Login authentication failed ---- Closing control socket ls: Login failed: 530 Login authentication failed lftp [email protected]:~> user user Password: lftp [email protected]:~> ls dns cache hit ---- Connecting to host.somedomain.com (XX.XX.XX.XX) port 21 <--- 220---------- Welcome to Pure-FTPd [privsep] [TLS] ---------- <--- 220-You are user number 2 of 38 allowed. <--- 220-Local time is now 14:52. Server port: 21. <--- 220-This is a private system - No anonymous login <--- 220-IPv6 connections are also welcome on this server. <--- 220 You will be disconnected after 15 minutes of inactivity. ---> AUTH TLS <--- 234 AUTH TLS OK. Certificate depth: 1; subject: /C=US/O=Equifax Secure Inc./CN=Equifax Secure Glo bal eBusiness CA-1; issuer: /C=US/O=Equifax Secure Inc./CN=Equifax Secure Global eBusiness CA-1 WARNING: Certificate verification: self signed certificate in certificate chain Certificate depth: 0; subject: /C=US/O=*.somedomain.com/OU=GT04795132/OU=See www.r apidssl.com/resources/cps (c)08/OU=Domain Control Validated - RapidSSL(R)/CN=*.a bclegal.com; issuer: /C=US/O=Equifax Secure Inc./CN=Equifax Secure Global eBusin ess CA-1 ---> USER user <--- 331 User user OK. Password required ---> PASS XXXX <--- 230-Your bandwidth usage is restricted <--- 230-User user has group access to: ftpgroup <--- 230 OK. Current restricted directory is / ---> PWD <--- 257 "/" is your current location ---> PBSZ 0 <--- 200 PBSZ=0 ---> PASV <--- 227 Entering Passive Mode (XX,XX,XX,XX,39,53) ---- Connecting data socket to (XX.XX.XX.XX) port 10037 ---> LIST <--- 150 Accepted data connection ---- Closing data socket drwxrwxr-x 2 2001 ftpgroup 4096 Apr 1 17:03 . drwxrwxr-x 2 2001 ftpgroup 4096 Apr 1 17:03 .. -rw-r--r-- 1 2001 ftpgroup 4 Apr 1 17:03 test.txt <--- 226-Options: -a -l <--- 226 3 matches total copy: get hit eof copy: put confirmed store copy: get is finished - all done -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of Daniel Fazekas Sent: Wednesday, April 07, 2010 3:53 AM To: [email protected] Cc: Diane Rolland Subject: Re: ls problems with differnt versions of lftp On Apr 6, 2010, at 20:43, Diane Rolland wrote: > No change when > set ftp:passive-mode on > debug in front of ls gives: > lftp [email protected]:~> debug > lftp [email protected]:~> ls > ---- Connecting to somedomain.com (XX.XX.XX.XX) port 21 > <--- 220---------- Welcome to Pure-FTPd [privsep] [TLS] ---------- > ---> OPTS MLST type;size;modify;UNIX.mode;UNIX.uid;UNIX.gid; > <--- 200 MLST OPTS > type;size;sizd;modify;UNIX.mode;UNIX.uid;UNIX.gid;unique; > ---> USER user > **** Peer closed connection > ---- Closing control socket Then it looks like it isn't really connected to requesting a directory listing, it doesn't get that far. Your server drops the connection as soon as you try to log in, regardless of what command you might try to execute. Are you sure there isn't some kind of an IP check on the server and that you are using the same settings as in the working cases? The same debug output from the working machine would let us compare and see if there are any differences. You could also try set ftp:ssl-force yes
