How to? Does FTP.CFG only support SSL over port 21? (Newbie)

  • This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.
Sep 26, 2013
3
0
#1
I've created a script.btm file for testing this, it appears that only port 21 supports SSL connections is this true?
If this the case will other ports be possible in future releases, or is there a better way of doing this?

script.btm took some time to create but I can't upload it, assistance would be appreciated.

I'd expect Examples 4 / 5 to transfer data but I'm getting:
error during handshake[2]: 0x80090308
 
Last edited:
Sep 26, 2013
3
0
#2
:: Apologies - Code below:
@echo off
:: FTP.CFG examples - Does FTP.CFG only support SSL over port 21? Appears so from these examples...
echo ##
echo ## Testing FTP.CFG without/with SSL over different ports
echo ##
echo NOTE: (A) Results when FTP user account allows insecure FTP...
echo (B) Results when FTP user account Forces SSL 'Force SSL for user login' - FileZilla Server
echo.
echo.
set tccfile="C:\Program Files\JPSoft\TCMD20\FTP.CFG"
set ftpsite=<FTP SERVER>
set ftpport=990
set username=<USERNAME>
set password=<PASSWORD>
set ftpFile=test.txt
echo creating %tccfile%
echo %ftpsite% (customerbackups) %username% %password% > %tccfile%

:: create mockup file to transfer
echo test > %ftpFile%

:: useful when using a port sniffer, examine one example at a time..
:: set do_one=1 to only do one example, with appropriate goto...
set do_one=0
::goto example4

echo.
:example1
echo example 1: Simple FTP
echo ---------
set ftp_protocol=FTP
copy "%ftpFile" %ftp_protocol://customerbackups/DBbackups/
echo.
echo (A) sends data over port 21 - insecure, this seems correct.
echo (B) fails if Force SSL login enabled for user, this seems correct.
echo.
if "%do_one"="1" quit

:example2
echo example 2: using FTPS protocol
echo ---------
set ftp_protocol=FTPS
copy "%ftpFile" %ftp_protocol://customerbackups/DBbackups/
echo.
echo (A) sends data over port 21 using TLS, this seems correct.
echo (B) sends data over port 21 using TLS, this seems correct.
echo.
if "%do_one"="1" quit

:example3
echo example 3: using FTP on port 990
echo ---------
set ftp_protocol=FTP
copy "%ftpFile" "%ftp_protocol://customerbackups:990/DBbackups/"
echo.
echo (A) Sends data over port 990, insecure
echo (B) FTP protocol error: 530 TLS required "FTP://customerbackups:990/DBbackups/", seems correct
echo.
if "%do_one"="1" quit

:example4
echo example 4: using FTPS on port 990
echo ---------
set ftp_protocol=FTPS
copy "%ftpFile" %ftp_protocol://customerbackups:990/DBbackups/
echo (A) Sends data over port 990 error during handshake[2]: 0x80090308 "FTPS://customerbackups:990/DBbackups"
echo (B) Sends data over port 990 error during handshake[2]: 0x80090308 "FTPS://customerbackups:990/DBbackups"
echo port sniffer shows: 500 Syntax error, command unrecognized.
echo.
if "%do_one"="1" quit

:example5
echo example 5: using FTPS on port 20
echo ---------
set ftp_protocol=FTPS
copy "%ftpFile" %ftp_protocol://customerbackups:20/DBbackups/
echo (A) error during handshake[2]: 0x80090308 "FTPS://customerbackups:20/DBbackups"
echo (B) error during handshake[2]: 0x80090308 "FTPS://customerbackups:20/DBbackups"
echo.
if "%do_one"="1" quit

:example6
echo example 6: using FTPS on port 990 - changing FTP.CFG (port needed in there?)
echo ---------
echo changing FTP.CFG and addding port %ftpport% - just incase FTP.CFG requires the port!!
echo %ftpsite%:%ftpport% (customerbackups) %username% %password% > %tccfile%

set ftp_protocol=FTPS
copy "%ftpFile" %ftp_protocol://customerbackups/DBbackups
echo (A) errors with: Host not found "ftp.axitech.co.uk:990"
echo (B) errors with: Host not found "ftp.axitech.co.uk:990"
echo.
 
Sep 26, 2013
3
0
#4
Thanks for the quick response, example 4 uses the specific port 990, and example 5 uses port 20.
The file alias in my example is customerbackups
So, using:
copy file.txt ftp://customerbackups:21/DBbackups works,
But,
copy file.txt ftp://customerbackups:990/DBbackups doesn't work. Even though the username / password in FTP.CFG is correct.
I get the error code: error during handshake[2]: 0x80090308
The port sniffer shows the error message:
500 Syntax error, command unrecognized.
 
#5
Here, ftps (SSL on port 21) works. Lucky.syr.edu listens on port 990 and that port is OK with the firewall. When I try port 990 I get these.
Code:
v:\> dir ftp://lucky.syr.edu:990/4plugins

TCC: Timeout. "ftp://lucky.syr.edu:990/4plugins"
TCC: Timeout. "ftp://lucky.syr.edu:990/4plugins"
TCC: (Sys) The system cannot find the file specified.
 "ftp://lucky.syr.edu:990/4plugins"
                   0 bytes in 0 files and 0 dirs

v:\> iftp /v ftp://lucky.syr.edu:990/4plugins
Connecting to FTP server.
Connected.
TCC: Timeout. "lucky.syr.edu"

v:\>
The three timeouts above are 180 seconds (!) each. Note that there's two timeouts in the first example and one in the second example.
The server's log shows entries like this.
Code:
[02] Mon 10Jul17 12:24:11 - (001818) Connected to 72.230.84.149 (local address 128.230.13.36, port 990)
[03] Mon 10Jul17 12:24:11 - (001818) IP-Name: alt.vefatica.net (72.230.84.149)
[02] Mon 10Jul17 12:27:11 - (001818) Unable to establish SSL connection (CLIENT ERROR: Client may have rejected the SSL certificate.  Ensure the SSL certificate has been issued by a certificate authority.)
[02] Mon 10Jul17 12:27:11 - (001818) Closed session
Sniffing shows only IP handshaking ... not enough data for any certificate to have been sent. And the certificate works fine with ftps.