After some further playing around, I was able to route around the problem with gnutls by compiling LFTP with OpenSSL instead of gnutls:
./configure --prefix=/usr --without-gnutls --with-openssl For reference, this worked with LFTP 4.1.3 on Mandriva Linux 2009.1 and 2007.1. On Wed, Feb 9, 2011 at 12:04 PM, Joe Thielen <[email protected]> wrote: > Hello all. After upgrading a server with a newer Linux distro (Mandriva > 2007.1 -> 2009.1) I've noticed I'm unable to use LFTP to send files via > FTP/SSL. After finding the LFTP "debug" command, I come up with: > > ---- Connecting to XXX (X.X.X.X) port 21 > <--- 220 XXX X2 WS_FTP Server 5.0.4 (3600386300) > ---> FEAT > <--- 530 Please login with USER and PASS > ---> AUTH TLS > <--- 234 SSL enabled and waiting for negotiation > ---> USER XXX > **** gnutls_handshake: The Diffie Hellman prime sent by the server is not > acceptable (not long enough). > ---- Closing control socket > > I'm not an expert in these things by any means. I looked up that error on > Google, but mostly came up with replies about the "mutt" e-mail program, and > I can't figure out how to make any of those solutions applicable to LFTP > without having to recompile gnutls. > > The server I'm trying to connect to is not under my control, I highly doubt > I'd be able to convince them to upgrade their SSL certificate. > > Any ideas? >
