Well, the 234 is just the response after the client sent AUTH TLS instead of a userid. But, a search for ftp auth tls error codes lead me to this IBM manual... Communications Server IP User's Guide and Commands
which listed the error codes... 17 FTP_AUTHENTICATION Security authentication or negotiation failure, incorrect specification of security keywords. Sounds interesting, but doesn't offer many clues... sounds like the problem could be in the SYSFTPD DD statements... Is something misconfigured? On the client? On the server? Is the certificate bad? (Same cert is acceptable to a web browser for https connections, though I do have to click past a warning when using IE) I'm leaning toward MVS no longer trusts my cert, or doesn't trust who signed the cert... That lead me to adding CLIENTERRCODES EXTENDED to those control statements. FTP now exits with an RC of 1710 instead of 10234... Much better :-) 17 means the same as above, 10 means "OPEN"... hmmm Well, I'll keep digging. Cheers On Wed, Dec 23, 2009 at 09:08, Stewart Thomas J <[email protected]> wrote: > If I remember correctly, what you want to do is search for "FTP client reply > code 234" on a web search engine. I think you need to break this into mmnnn, > where mm is a command code and nnn is the FTP client reply code. Most of > these are standard codes, so 234 is documented in the RFC for the AUTH TLS > FTP subcommand. > > Tom Stewart > Mainframe OS, Networking & Security > www.johndeere.com > > > -----Original Message----- > From: Linux on 390 Port [mailto:[email protected]] On Behalf Of Donald > Russell > Sent: Wednesday, December 23, 2009 10:57 AM > To: [email protected] > Subject: FTP/TLS from zOS problems > > When I try to use FTPS from zOS to RHEL zLinux I get these messages after > connecting: > > 220 (vsFTPd 2.0.5) >>>> AUTH TLS > 234 Proceed with negotiation. > Authentication negotiation failed > Unable to successfully negotiate required authentication Std Return Code = > 10234, Error Code = 00017 FTP Complete: RC = 10234 > > > Where can I find the meanings of these error codes? > > The puzzling thing for me right now is this USED to work... I'd get > Authentication successful, and the transfer would continue with no problems. > > Anyway, tracking down the root cause of the failure will probably help. :-) > > Thanks > > ---------------------------------------------------------------------- > For LINUX-390 subscribe / signoff / archive access instructions, send email > to [email protected] with the message: INFO LINUX-390 or visit > http://www.marist.edu/htbin/wlvindex?LINUX-390 > > ---------------------------------------------------------------------- > For LINUX-390 subscribe / signoff / archive access instructions, > send email to [email protected] with the message: INFO LINUX-390 or visit > http://www.marist.edu/htbin/wlvindex?LINUX-390 > ---------------------------------------------------------------------- For LINUX-390 subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390
