• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion

Resolved Backup Manager - FTP Storage - FTPS not working

S

Scott.B

Basic Pleskian
My version of Plesk is 17.8.11 and it was upgraded from 12.5

I have an issue with using the FTP Storage within Backup Manager.

I configured all settings correctly in the FTP Storage settings. If enable just "Use Passive Mode" and leave "Use FTPS" disabled and hit save it goes through its test and everything works and it saves the FTP settings just fine.

If I disable "Use Passive Mode" and only enable "Use FTPS" it states that it can't open a data connection.

However if I enable both "Use Passive Mode" and "Use FTPS" it connects fine and does it transfer tests and everything in the FTP Server logs shows successful transfer and deletion of files and directories, but then it fails with the following error.
Code: 
Error: Unable to operate the storage: Transport error: unable to delete file: Curl error: (35) SSL connect error: Last FTP request: NLST Last FTP response: 150 Opening data channel for directory listing of "/check0"
Check if you have permissions to delete files from the storage. You can check it independently with the commands:
echo 123 | curl -T - --ftp-create-dirs -v --ftp-pasv --ssl -k -u webbackup 'ftp://XXX.XXX.XXX.XXX///test-dir/test-file.txt'
curl -v --ftp-pasv --ssl -k -u webbackup 'ftp://XXX.XXX.XXX.XXX///test-dir/test-file.txt' -Q '-DELE test-file.txt'

How can I fix this problem? I want to make sure to use FTPS as this ensures all communication is secured.

Other users use this FTP server from different places around the world and they do not face this problems with connecting.

I tried to post the log files but it was too much text, so I attached it as a pdf file. During the process of writing and deleting directories and files all commands complete properly yet at the end of the process per Plesk error noted above it says it fails.
 

Attachments

  • FTPServerLog.pdf
    20.7 KB · Views: 5
Last edited:
I tried running the "You can check it independently..." command and below is what I got.

Code: 
echo 123 | curl -T - --ftp-create-dirs -v --ftp-pasv --ssl -k -u webbackup 'ftp://XXX.XXX.XXX.XXX///test-dir/test-file.txt'
Enter host password for user 'webbackup':
* About to connect() to XXX.XXX.XXX.XXX port 21 (#0)
*   Trying 70.28.25.134...
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0* Connected to XXX.XXX.XXX.XXX (XXX.XXX.XXX.XXX) port 21 (#0)
< 220-Welcome to Ronco Secure FTP Server
< 220-Running FileZilla FileZilla Server 0.9.60 beta
< 220-For technical problems please contact Scott Berg
< 220 Network Administrator at [email protected]
> AUTH SSL
< 234 Using authentication type TLS
* Initializing NSS with certpath: sql:/etc/pki/nssdb
* skipping SSL peer certificate verification
* SSL connection using TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
* Server certificate:
*       subject: [email protected],OU=Ronco,O=company,L=City,ST=State,C=Country,CN=XXX.XXX.XXX.XXX
*       start date: May 01 19:47:24 2018 GMT
*       expire date: May 01 19:47:24 2019 GMT
*       common name: XXX.XXX.XXX.XXX
*       issuer: [email protected],OU=Some OU,O=Some O,L=City,ST=State,C=Country,CN=XXX.XXX.XXX.XXX
> USER webbackup
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0< 331 Password required for webbackup
> PASS curl -v --ftp-pasv --ssl -k -u webbackup 'ftp://XXX.XXX.XXX.XXX///test-dir/test-file.txt' -Q '-DELE test-file.txt'Password
< 530 Login or password incorrect!
* Access denied: 530
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0
* Closing connection 0
curl: (67) Access denied: 530

I see it is trying to connect on port 21, but my FTP server is on a different port.

How can I enter a different port? I tried putting in <ip address>:<port> and I am getting same problem where it does not work over FTPS and even when I tried the command independently it says access denied.

However when it goes through its testing process I see on the FTP server and its logs that it is able to connect and do all of its tests fine.
 
Last edited:
Yes as noted above I did run that command.. i realized afterwards what you were talking about.. stupid me I didn't notice it was in the error that was generated by Plesk.

When I did run that command it showed connecting to port 21 which my server is not on as it uses a different port. When I updated the hostname/ip field with <ipaddress>:<port> here is what I get.

Code: 
cho 123 | curl -T - --ftp-create-dirs -v --ftp-pasv --ssl -k -u webbackup 'ftp://XXX.XXX.XXX.XXX:XXX///test-dir/test-file.txt'
Enter host password for user 'webbackup':
* About to connect() to XXX.XXX.XXX.XXX port XXX (#0)
*   Trying XXX.XXX.XXX.XXX...
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0* Connected to XXX.XXX.XXX.XXX (XXX.XXX.XXX.XXX) port XXX (#0)
< 220-Welcome to Ronco Secure FTP Server
< 220-Running FileZilla FileZilla Server 0.9.60 beta
< 220-For technical problems please contact IT Admin
< 220 Network Administrator at [email protected]
> AUTH SSL
< 234 Using authentication type TLS
* Initializing NSS with certpath: sql:/etc/pki/nssdb
* skipping SSL peer certificate verification
* SSL connection using TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
* Server certificate:
*       subject: [email protected],OU=Company,O=Company,L=City,ST=State,C=Country,CN=XXX.XXX.XXX.XXX
*       start date: May 01 19:47:24 2018 GMT
*       expire date: May 01 19:47:24 2019 GMT
*       common name: XXX.XXX.XXX.XXX
*       issuer: [email protected],OU=Company,O=Company,L=City,ST=State,C=Country,CN=XXX.XXX.XXX.XXX
> USER webbackup
< 331 Password required for webbackup
> PASS <password>
< 230 Logged on
> PBSZ 0
< 200 PBSZ=0
> PROT P
< 200 Protection level set to P
> PWD
< 257 "/" is current directory.
* Entry path is '/'
> CWD /test-dir
* ftp_perform ends with SECONDARY: 0
< 550 CWD failed. "/test-dir": directory not found.
> MKD /test-dir
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0< 257 "/test-dir" created successfully
> CWD /test-dir
< 250 CWD successful. "/test-dir" is current directory.
> EPSV
* Connect data stream passively
< 229 Entering Extended Passive Mode (|||55380|)
*   Trying XXX.XXX.XXX.XXX...
* Connecting to XXX.XXX.XXX.XXX (XXX.XXX.XXX.XXX) port <port>
* Connected to XXX.XXX.XXX.XXX (XXX.XXX.XXX.XXX) port <port> (#0)
> TYPE I
< 200 Type set to I
> STOR test-file.txt
< 150 Opening data channel for file upload to server of "/test-dir/test-file.txt"
* Doing the SSL/TLS handshake on the data stream
* skipping SSL peer certificate verification
* NSS error -5938 (PR_END_OF_FILE_ERROR)
* Encountered end of file
* Failure sending ABOR command: SSL connect error
  0     0    0     0    0     0      0      0 --:--:--  0:00:01 --:--:--     0
* Closing connection 0
curl: (35) Encountered end of file
 
Doesn't the

* NSS error -5938 (PR_END_OF_FILE_ERROR)
* Encountered end of file
* Failure sending ABOR command: SSL connect error

indicate an issue on the FTP server?
 
OK thanks I will take a look a that.

But by chance do you have any idea what that error is pointing towards?
 
Try to use the option ftpForbidReuseConnection in panel.ini
Code: 
[pmm]
ftpForbidReuseConnection = 1
Or uncheck the option "Require TLS session resumption on data connection when using PROT P" in Filezilla server settings.
 
DenisG said:
Try to use the option ftpForbidReuseConnection in panel.ini
Code: 
[pmm]
ftpForbidReuseConnection = 1
Or uncheck the option "Require TLS session resumption on data connection when using PROT P" in Filezilla server settings.
Click to expand...

I enabled the option in the panel.ini and did my test with the FTP settings and using the options Use FTPS and Passive mode checked as well as enabled correct port and it worked without error and saved my settings

My only question now is what that option does?

From sound of it, it looks like it does not reuse the connection, so will this cause a problem if during file transfer it fails, will it still connect and resume?
 
Scott.B said:
From sound of it, it looks like it does not reuse the connection, so will this cause a problem if during file transfer it fails, will it still connect and resume?
Click to expand...
Yes, it will. A new connection will be established.
 
You must log in or register to reply here.

Similar threads

C
Issue Transport error: unable to list directory: Curl error: (18) Transferred a partial file: Last FTP request
Replies
0
Views
206
cgoguyer
C
M
Question Add Remote Storage FTP(s) server without verification
Replies
0
Views
80
m.milutinovic
M
Gh()st
Issue Remote Storage FTP(S) Issue
Replies
1
Views
315
paulrm
P
I
Question FTP remote storage device
Replies
6
Views
365
ikorpershoek
I
H
Issue Backup failing to connect to remote FTP server
Replies
5
Views
2K
Peter Debik
P
Back
Top