> Notice how 530 and 500 were both returned for the TYPE command > that is not valid in this context. Now with the proposed fix: > > kemushi:~% telnet localhost 21 > Trying 127.0.0.1... > Connected to localhost. > Escape character is '^]'. > 220 kemushi.esdenera.com FTP server ready. > USER anonymous > 331 Guest login ok, send your email address as password. > TYPE > 530 Please login with USER and PASS. > PASS me > 230 Guest login ok, access restrictions apply. > QUIT > 221 Goodbye. > Connection closed by foreign host.
Specification says there can be no command between USER and PASS. https://www.ietf.org/rfc/rfc959.txt PASSWORD (PASS) The argument field is a Telnet string specifying the user's password. This command must be immediately preceded by the user name command, and, for some sites, completes the user's identification for access control. Since password information is quite sensitive, it is desirable in general to "mask" it or suppress typeout. It appears that the server has no foolproof way to achieve this. It is therefore the responsibility of the user-FTP process to hide the sensitive password information.
