I am trying to upload my website and I tried using ssl. It turns out that ssl v3 gets used and the authentication proceeds without failure. Once a login is completed using the ssl, my client tries to send the directory information and then retrieve the directory listing but this results in a read timeout. Has anyone gotten this to work because x10 is the only server that my client doesn't work with and I have the same problem with filezilla
ftp over ssl
- Thread starter oldscho3
- Start date
- Status
- Messages
- 2,928
- Reaction score
- 118
- Points
- 63
Try using alternative methods for connecting securely, such as STARTTLS. I haven't tried myself so I'm not 100% sure it will work, but it is worth a shot. Otherwise you'll likely need to not use SSL until we resolve the issue.
Technical explanation (not for non-techies):
This is an issue with how the FTP protocol works (your initial connection to login and all subsequent transfers are actually on two different connections) and it conflicting with our firewall software. When unencrypted FTP is used, the firewall can automatically open the port it needs to in order to allow the transfers to take place (by knowing the packets are related to the original connection), but if SSL is used the firewall software cannot read which port FTP is trying to use, and thus it blocks the subsequent connection to send/receive data. This was previously worked around by limiting the FTP server to only using a certain block of ports and then always allowing connections into those ports, but our recent security changes must have reblocked those ports as a (possibly unintended) consequence. I'll check to see if such configuration can be put into effect again, but I make no guarantees as to when this might happen or what the end result will be.
Technical explanation (not for non-techies):
This is an issue with how the FTP protocol works (your initial connection to login and all subsequent transfers are actually on two different connections) and it conflicting with our firewall software. When unencrypted FTP is used, the firewall can automatically open the port it needs to in order to allow the transfers to take place (by knowing the packets are related to the original connection), but if SSL is used the firewall software cannot read which port FTP is trying to use, and thus it blocks the subsequent connection to send/receive data. This was previously worked around by limiting the FTP server to only using a certain block of ports and then always allowing connections into those ports, but our recent security changes must have reblocked those ports as a (possibly unintended) consequence. I'll check to see if such configuration can be put into effect again, but I make no guarantees as to when this might happen or what the end result will be.
- Status