TLS issue...

Need help with FileZilla Client? Something does not work as expected? In this forum you may find an answer.

Moderator: Project members

Post Reply
Message
Author
gutterboy
504 Command not implemented
Posts: 6
Joined: 2019-01-15 20:09

TLS issue...

#1 Post by gutterboy » 2019-01-15 20:58

I am having problems similar to this:

Code: Select all

https://support.tigertech.net/filezilla-disable-tls
I have had this issue for ages (the last few years) whenever I have tried to use TLS and from googling it seems many others do too. I have experienced it on several different servers and I usually just use plain FTP because of this.

However a server I am using now requires the usage of TLS and hence I have run into this issue again - on the very rare occasion it will work, but 99% of the time it either gets stuck on "Initializing TLS..." or "Retrieving directory listing..." depending on the server I think!?

Anyway, I have tried disabling and adding exceptions to my Firewall and Anti-virus with no changes, so it's not caused by them.

Now I know not everyone experiences these issues, but I really think this is an internal issue with Filezilla as I tried 4 different FTP programs and all had no issues connecting via TLS.

I would prefer to stick with Filezilla, but I cannot until this issue is fixed.

I am running on Win 7 Pro. FWIW.

User avatar
botg
Site Admin
Posts: 35507
Joined: 2004-02-23 20:49
First name: Tim
Last name: Kosse

Re: TLS issue...

#2 Post by botg » 2019-01-15 22:11

TLS is the way forward. Plaintext connections, regardless of protocol, are an archaic concept going to disappear soon.

Client-side FTP over TLS rarely requires any configuration. This reeks of incompetent server administrators not understanding how the servers they are supposed to administrate work. Unsurprisingly they are failing their administrative duties as the result.

If FTP over TLS does not work, talk to your server administrator or server hosting provider. If it still doesn't work afterwards you have but once choice, fire said administrator or switch to a server provider that doesn't employ incompetent administrators.

gutterboy
504 Command not implemented
Posts: 6
Joined: 2019-01-15 20:09

Re: TLS issue...

#3 Post by gutterboy » 2019-01-16 21:59

I appreciate your response, but as I said, I believe it is an issue with Filezilla, not the host. It had happened on several different hosts and as stated I have had no issues with other FTP clients.

gutterboy
504 Command not implemented
Posts: 6
Joined: 2019-01-15 20:09

Re: TLS issue...

#4 Post by gutterboy » 2019-01-21 10:32

So we're ignoring the issue then?

User avatar
botg
Site Admin
Posts: 35507
Joined: 2004-02-23 20:49
First name: Tim
Last name: Kosse

Re: TLS issue...

#5 Post by botg » 2019-01-21 18:36

Please confirm, are you actually using TLS with these other clients? I don't think any other client defaults to FTP over TLS.

gutterboy
504 Command not implemented
Posts: 6
Joined: 2019-01-15 20:09

Re: TLS issue...

#6 Post by gutterboy » 2019-01-21 22:09

Thank you for the response.

Yes I am using TLS - the server I am connecting to and testing it on only accepts secure connections anyway, but it was TLS for sure.

I know this isn't an issue for everyone that uses Filezilla and it works fine for them, but it does seem like a common issue for many others.

User avatar
botg
Site Admin
Posts: 35507
Joined: 2004-02-23 20:49
First name: Tim
Last name: Kosse

Re: TLS issue...

#7 Post by botg » 2019-01-23 09:20

Could you please post a log showing the problem? Also, please test your server on https://ftptest.net/ for a second opinion.

gutterboy
504 Command not implemented
Posts: 6
Joined: 2019-01-15 20:09

Re: TLS issue...

#8 Post by gutterboy » 2019-01-26 17:30

Not really interested in putting my FTP info into that site, but here is a debug log:

Trace: CControlSocket::SendNextCommand()
Trace: CFtpLogonOpData::Send() in state 0
Status: Resolving address of s111.syd3.hostingplatform.net.au
Status: Connecting to *****************:21...
Status: Connection established, waiting for welcome message...
Trace: CFtpControlSocket::OnReceive()
Response: 220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
Response: 220-You are user number 1 of 50 allowed.
Response: 220-Local time is now 04:25. Server port: 21.
Response: 220-This is a private system - No anonymous login
Response: 220-IPv6 connections are also welcome on this server.
Response: 220 You will be disconnected after 15 minutes of inactivity.
Trace: CFtpLogonOpData::ParseResponse() in state 1
Trace: CControlSocket::SendNextCommand()
Trace: CFtpLogonOpData::Send() in state 2
Command: AUTH TLS
Trace: CFtpControlSocket::OnReceive()
Response: 234 AUTH TLS OK.
Trace: CFtpLogonOpData::ParseResponse() in state 2
Status: Initializing TLS...
Trace: CTlsSocketImpl::Handshake()
Trace: CTlsSocketImpl::ContinueHandshake()
Trace: TLS handshake: About to send CLIENT HELLO
Trace: TLS handshake: Sent CLIENT HELLO
Trace: CTlsSocketImpl::OnSend()
Trace: CTlsSocketImpl::OnRead()
Trace: CTlsSocketImpl::ContinueHandshake()
Trace: CTlsSocketImpl::OnRead()
Trace: CTlsSocketImpl::ContinueHandshake()
Trace: TLS handshake: Received SERVER HELLO
Trace: TLS handshake: Processed SERVER HELLO
Trace: CTlsSocketImpl::OnRead()
Trace: CTlsSocketImpl::ContinueHandshake()
Trace: CTlsSocketImpl::OnRead()
Trace: CTlsSocketImpl::ContinueHandshake()
Trace: TLS handshake: Received CERTIFICATE
Trace: TLS handshake: Processed CERTIFICATE
Trace: TLS handshake: Received SERVER KEY EXCHANGE
Trace: TLS handshake: Processed SERVER KEY EXCHANGE
Trace: TLS handshake: Received SERVER HELLO DONE
Trace: TLS handshake: Processed SERVER HELLO DONE
Trace: TLS handshake: About to send CLIENT KEY EXCHANGE
Trace: TLS handshake: Sent CLIENT KEY EXCHANGE
Trace: TLS handshake: About to send FINISHED
Trace: TLS handshake: Sent FINISHED
Trace: CTlsSocketImpl::OnRead()
Trace: CTlsSocketImpl::ContinueHandshake()
Trace: TLS handshake: Received NEW SESSION TICKET
Trace: TLS handshake: Processed NEW SESSION TICKET
Trace: TLS handshake: Received FINISHED
Trace: TLS handshake: Processed FINISHED
Trace: TLS Handshake successful
Trace: Protocol: TLS1.2, Key exchange: ECDHE-RSA, Cipher: AES-256-GCM, MAC: AEAD

Then it just sits there idle.

When I was talking to my host about this they told me at one point that "I can see from the latest server logs that you're connecting via "TLSv1/SSLv3" which are older/outdated encryption methods and will be rejected when connecting to our server."

Cheers!

User avatar
botg
Site Admin
Posts: 35507
Joined: 2004-02-23 20:49
First name: Tim
Last name: Kosse

Re: TLS issue...

#9 Post by botg » 2019-01-26 18:19

According to the log TLS 1.2 has been negotiated with the server. The response from your hosting provider does not instill me with trust in their ability to host servers.

gutterboy
504 Command not implemented
Posts: 6
Joined: 2019-01-15 20:09

Re: TLS issue...

#10 Post by gutterboy » 2019-01-26 19:32

Their response was from previous connections, not this particular one. It's obvious he logs show this one was on TLS 1.2. I have 100% faith in my hosting company, particularly because they are not a fly-by-night host, nor do they offshore their tech support as well as the fact this has happened on numerous hosts. With respect, I think you should stop trying to point fingers at the hosts.

Post Reply