Unix & Linux Stack Exchange
Q&A for users of Linux, FreeBSD and other Unix-like operating systems
Latest Questions
7
votes
1
answers
13483
views
Ubuntu - lftp will not connect to ftps site (Fatal error: gnutls_handshake: An unexpected TLS packet was received.)
I have a specific ftps site that I cannot connect to with lftp. When I attempt to connect I get the error: Fatal error: gnutls_handshake: An unexpected TLS packet was received When I use gnutls-cli to connect I have found the correct settings to negotiate and actually issue a USER command. What I am...
I have a specific ftps site that I cannot connect to with lftp.
When I attempt to connect I get the error:
Fatal error: gnutls_handshake: An unexpected TLS packet was received
When I use gnutls-cli to connect I have found the correct settings to negotiate and actually issue a USER command. What I am asking for is any pointers to the correct lftp configuration for the gnutls part so that it can authenticate correctly.
**UPDATE:** What I see happening is that when using gnutls-cli it selects the right MAC and cipher to be used:
|| HSK[0x24073f0]: Selected cipher suite: RSA_3DES_EDE_CBC_SHA1
Unlike when being called from lftp is does not:
GNUTLS: ENC[0x1918cd0]: cipher: NULL, MAC: MAC-NULL, Epoch: 0
Below are my configurations and debug outputs from lftp and gnutls-cli:
## lftp Configuration ##
lftp
set ssl:priority NORMAL:+VERS-TLS1.0:+VERS-TLS1.1:+VERS-TLS1.2
set ftps:initial-prot P
set ftp:ssl-allow yes
set ftp:ssl-force yes
set ftp:ssl-protect-list yes
set ftp:ssl-protect-data yes
set ftp:ssl-protect-fxp yes
set ssl:verify-certificate no
debug 999999999
open ftps://XXX.XXX.XXX.XXX:990
quote USER
## gnutls-cli Configuration ##
gnutls-cli --starttls-proto=ftp XXX.XXX.XXX.XXX -p 990 --no-ca-verification -d 5
----------
***Some aspects have been anonomized, but nothing about the protocols ***
## lftp debug output ##
lftp
lftp :~> set ssl:priority NORMAL:+VERS-TLS1.0:+VERS-TLS1.1:+VERS-TLS1.2
lftp :~> set ftps:initial-prot P
lftp :~> set ftp:ssl-allow yes
lftp :~> set ftp:ssl-force yes
lftp :~> set ftp:ssl-protect-list yes
lftp :~> set ftp:ssl-protect-data yes
lftp :~> set ftp:ssl-protect-fxp yes
lftp :~> set ssl:verify-certificate no
lftp :~> debug 999999999
lftp :~> open ftps://XXX.XXX.XXX.XXX:990
---- Resolving host address...
buffer: EOF on FD 5
---- 1 address found: XXX.XXX.XXX.XXX
lftp XXX.XXX.XXX.XXX:~> quote USER
FileCopy(0x1475a50) enters state INITIAL
FileCopy(0x1475a50) enters state DO_COPY
---- dns cache hit
---- attempt number 1 (max_retries=1000)
---- Connecting to XXX.XXX.XXX.XXX (XXX.XXX.XXX.XXX) port 990
GNUTLS: ASSERT: common.c:1110
..............
GNUTLS: REC[0x1918cd0]: Allocating epoch #0
GNUTLS: ASSERT: gnutls_constate.c:596
GNUTLS: REC[0x1918cd0]: Allocating epoch #1
GNUTLS: HSK[0x1918cd0]: Keeping ciphersuite: GNUTLS_ECDHE_ECDSA_AES_128_GCM_SHA256 (C0.2B)
GNUTLS: HSK[0x1918cd0]: Keeping ciphersuite: GNUTLS_ECDHE_ECDSA_AES_256_GCM_SHA384 (C0.2C)
GNUTLS: HSK[0x1918cd0]: Keeping ciphersuite: GNUTLS_ECDHE_ECDSA_CAMELLIA_128_GCM_SHA256 (C0.86)
GNUTLS: HSK[0x1918cd0]: Keeping ciphersuite: GNUTLS_ECDHE_ECDSA_CAMELLIA_256_GCM_SHA384 (C0.87)
GNUTLS: HSK[0x1918cd0]: Keeping ciphersuite: GNUTLS_ECDHE_ECDSA_AES_128_CBC_SHA1 (C0.09)
GNUTLS: HSK[0x1918cd0]: Keeping ciphersuite: GNUTLS_ECDHE_ECDSA_AES_128_CBC_SHA256 (C0.23)
GNUTLS: HSK[0x1918cd0]: Keeping ciphersuite: GNUTLS_ECDHE_ECDSA_AES_256_CBC_SHA1 (C0.0A)
GNUTLS: HSK[0x1918cd0]: Keeping ciphersuite: GNUTLS_ECDHE_ECDSA_AES_256_CBC_SHA384 (C0.24)
GNUTLS: HSK[0x1918cd0]: Keeping ciphersuite: GNUTLS_ECDHE_ECDSA_CAMELLIA_128_CBC_SHA256 (C0.72)
GNUTLS: HSK[0x1918cd0]: Keeping ciphersuite: GNUTLS_ECDHE_ECDSA_CAMELLIA_256_CBC_SHA384 (C0.73)
GNUTLS: HSK[0x1918cd0]: Keeping ciphersuite: GNUTLS_ECDHE_ECDSA_AES_128_CCM (C0.AC)
GNUTLS: HSK[0x1918cd0]: Keeping ciphersuite: GNUTLS_ECDHE_ECDSA_AES_256_CCM (C0.AD)
GNUTLS: HSK[0x1918cd0]: Keeping ciphersuite: GNUTLS_ECDHE_ECDSA_3DES_EDE_CBC_SHA1 (C0.08)
GNUTLS: HSK[0x1918cd0]: Keeping ciphersuite: GNUTLS_ECDHE_RSA_AES_128_GCM_SHA256 (C0.2F)
GNUTLS: HSK[0x1918cd0]: Keeping ciphersuite: GNUTLS_ECDHE_RSA_AES_256_GCM_SHA384 (C0.30)
GNUTLS: HSK[0x1918cd0]: Keeping ciphersuite: GNUTLS_ECDHE_RSA_CAMELLIA_128_GCM_SHA256 (C0.8A)
GNUTLS: HSK[0x1918cd0]: Keeping ciphersuite: GNUTLS_ECDHE_RSA_CAMELLIA_256_GCM_SHA384 (C0.8B)
GNUTLS: HSK[0x1918cd0]: Keeping ciphersuite: GNUTLS_ECDHE_RSA_AES_128_CBC_SHA1 (C0.13)
GNUTLS: HSK[0x1918cd0]: Keeping ciphersuite: GNUTLS_ECDHE_RSA_AES_128_CBC_SHA256 (C0.27)
GNUTLS: HSK[0x1918cd0]: Keeping ciphersuite: GNUTLS_ECDHE_RSA_AES_256_CBC_SHA1 (C0.14)
GNUTLS: HSK[0x1918cd0]: Keeping ciphersuite: GNUTLS_ECDHE_RSA_AES_256_CBC_SHA384 (C0.28)
GNUTLS: HSK[0x1918cd0]: Keeping ciphersuite: GNUTLS_ECDHE_RSA_CAMELLIA_128_CBC_SHA256 (C0.76)
GNUTLS: HSK[0x1918cd0]: Keeping ciphersuite: GNUTLS_ECDHE_RSA_CAMELLIA_256_CBC_SHA384 (C0.77)
GNUTLS: HSK[0x1918cd0]: Keeping ciphersuite: GNUTLS_ECDHE_RSA_3DES_EDE_CBC_SHA1 (C0.12)
GNUTLS: HSK[0x1918cd0]: Keeping ciphersuite: GNUTLS_RSA_AES_128_GCM_SHA256 (00.9C)
GNUTLS: HSK[0x1918cd0]: Keeping ciphersuite: GNUTLS_RSA_AES_256_GCM_SHA384 (00.9D)
GNUTLS: HSK[0x1918cd0]: Keeping ciphersuite: GNUTLS_RSA_CAMELLIA_128_GCM_SHA256 (C0.7A)
GNUTLS: HSK[0x1918cd0]: Keeping ciphersuite: GNUTLS_RSA_CAMELLIA_256_GCM_SHA384 (C0.7B)
GNUTLS: HSK[0x1918cd0]: Keeping ciphersuite: GNUTLS_RSA_AES_128_CBC_SHA1 (00.2F)
GNUTLS: HSK[0x1918cd0]: Keeping ciphersuite: GNUTLS_RSA_AES_128_CBC_SHA256 (00.3C)
GNUTLS: HSK[0x1918cd0]: Keeping ciphersuite: GNUTLS_RSA_AES_256_CBC_SHA1 (00.35)
GNUTLS: HSK[0x1918cd0]: Keeping ciphersuite: GNUTLS_RSA_AES_256_CBC_SHA256 (00.3D)
GNUTLS: HSK[0x1918cd0]: Keeping ciphersuite: GNUTLS_RSA_CAMELLIA_128_CBC_SHA1 (00.41)
GNUTLS: HSK[0x1918cd0]: Keeping ciphersuite: GNUTLS_RSA_CAMELLIA_128_CBC_SHA256 (00.BA)
GNUTLS: HSK[0x1918cd0]: Keeping ciphersuite: GNUTLS_RSA_CAMELLIA_256_CBC_SHA1 (00.84)
GNUTLS: HSK[0x1918cd0]: Keeping ciphersuite: GNUTLS_RSA_CAMELLIA_256_CBC_SHA256 (00.C0)
GNUTLS: HSK[0x1918cd0]: Keeping ciphersuite: GNUTLS_RSA_AES_128_CCM (C0.9C)
GNUTLS: HSK[0x1918cd0]: Keeping ciphersuite: GNUTLS_RSA_AES_256_CCM (C0.9D)
GNUTLS: HSK[0x1918cd0]: Keeping ciphersuite: GNUTLS_RSA_3DES_EDE_CBC_SHA1 (00.0A)
GNUTLS: HSK[0x1918cd0]: Keeping ciphersuite: GNUTLS_DHE_RSA_AES_128_GCM_SHA256 (00.9E)
GNUTLS: HSK[0x1918cd0]: Keeping ciphersuite: GNUTLS_DHE_RSA_AES_256_GCM_SHA384 (00.9F)
GNUTLS: HSK[0x1918cd0]: Keeping ciphersuite: GNUTLS_DHE_RSA_CAMELLIA_128_GCM_SHA256 (C0.7C)
GNUTLS: HSK[0x1918cd0]: Keeping ciphersuite: GNUTLS_DHE_RSA_CAMELLIA_256_GCM_SHA384 (C0.7D)
GNUTLS: HSK[0x1918cd0]: Keeping ciphersuite: GNUTLS_DHE_RSA_AES_128_CBC_SHA1 (00.33)
GNUTLS: HSK[0x1918cd0]: Keeping ciphersuite: GNUTLS_DHE_RSA_AES_128_CBC_SHA256 (00.67)
GNUTLS: HSK[0x1918cd0]: Keeping ciphersuite: GNUTLS_DHE_RSA_AES_256_CBC_SHA1 (00.39)
GNUTLS: HSK[0x1918cd0]: Keeping ciphersuite: GNUTLS_DHE_RSA_AES_256_CBC_SHA256 (00.6B)
GNUTLS: HSK[0x1918cd0]: Keeping ciphersuite: GNUTLS_DHE_RSA_CAMELLIA_128_CBC_SHA1 (00.45)
GNUTLS: HSK[0x1918cd0]: Keeping ciphersuite: GNUTLS_DHE_RSA_CAMELLIA_128_CBC_SHA256 (00.BE)
GNUTLS: HSK[0x1918cd0]: Keeping ciphersuite: GNUTLS_DHE_RSA_CAMELLIA_256_CBC_SHA1 (00.88)
GNUTLS: HSK[0x1918cd0]: Keeping ciphersuite: GNUTLS_DHE_RSA_CAMELLIA_256_CBC_SHA256 (00.C4)
GNUTLS: HSK[0x1918cd0]: Keeping ciphersuite: GNUTLS_DHE_RSA_AES_128_CCM (C0.9E)
GNUTLS: HSK[0x1918cd0]: Keeping ciphersuite: GNUTLS_DHE_RSA_AES_256_CCM (C0.9F)
GNUTLS: HSK[0x1918cd0]: Keeping ciphersuite: GNUTLS_DHE_RSA_3DES_EDE_CBC_SHA1 (00.16)
GNUTLS: EXT[0x1918cd0]: Sending extension EXT MASTER SECRET (0 bytes)
GNUTLS: EXT[0x1918cd0]: Sending extension ENCRYPT THEN MAC (0 bytes)
GNUTLS: EXT[0x1918cd0]: Sending extension STATUS REQUEST (5 bytes)
GNUTLS: EXT[0x1918cd0]: Sending extension SERVER NAME (17 bytes)
GNUTLS: EXT[0x1918cd0]: Sending extension SAFE RENEGOTIATION (1 bytes)
GNUTLS: EXT[0x1918cd0]: Sending extension SESSION TICKET (0 bytes)
GNUTLS: EXT[0x1918cd0]: Sending extension SUPPORTED ECC (12 bytes)
GNUTLS: EXT[0x1918cd0]: Sending extension SUPPORTED ECC POINT FORMATS (2 bytes)
GNUTLS: EXT[0x1918cd0]: sent signature algo (4.1) RSA-SHA256
GNUTLS: EXT[0x1918cd0]: sent signature algo (4.3) ECDSA-SHA256
GNUTLS: EXT[0x1918cd0]: sent signature algo (5.1) RSA-SHA384
GNUTLS: EXT[0x1918cd0]: sent signature algo (5.3) ECDSA-SHA384
GNUTLS: EXT[0x1918cd0]: sent signature algo (6.1) RSA-SHA512
GNUTLS: EXT[0x1918cd0]: sent signature algo (6.3) ECDSA-SHA512
GNUTLS: EXT[0x1918cd0]: sent signature algo (3.1) RSA-SHA224
GNUTLS: EXT[0x1918cd0]: sent signature algo (3.3) ECDSA-SHA224
GNUTLS: EXT[0x1918cd0]: sent signature algo (2.1) RSA-SHA1
GNUTLS: EXT[0x1918cd0]: sent signature algo (2.3) ECDSA-SHA1
GNUTLS: EXT[0x1918cd0]: Sending extension SIGNATURE ALGORITHMS (22 bytes)
GNUTLS: HSK[0x1918cd0]: CLIENT HELLO was queued [248 bytes]
GNUTLS: REC[0x1918cd0]: Preparing Packet Handshake(22) with length: 248 and min pad: 0
GNUTLS: ENC[0x1918cd0]: cipher: NULL, MAC: MAC-NULL, Epoch: 0
GNUTLS: REC[0x1918cd0]: Sent Packet Handshake(22) in epoch 0 and length: 253
GNUTLS: ASSERT: gnutls_buffers.c:1154
GNUTLS: REC[0x1918cd0]: SSL 50.48 Unknown Packet packet received. Epoch 0, length: 11603
GNUTLS: ASSERT: gnutls_record.c:572
GNUTLS: Received record packet of unknown type 50
GNUTLS: ASSERT: gnutls_record.c:1076
GNUTLS: ASSERT: gnutls_record.c:1158
GNUTLS: ASSERT: gnutls_buffers.c:1409
GNUTLS: ASSERT: gnutls_handshake.c:1446
GNUTLS: ASSERT: gnutls_handshake.c:2762
**** gnutls_handshake: An unexpected TLS packet was received.
GNUTLS: REC[0x1918cd0]: Start of epoch cleanup
GNUTLS: REC[0x1918cd0]: End of epoch cleanup
GNUTLS: REC[0x1918cd0]: Epoch #0 freed
GNUTLS: REC[0x1918cd0]: Epoch #1 freed
---- Closing control socket
quote: USER : Fatal error: gnutls_handshake: An unexpected TLS packet was received.
## gnutls-cli debug output ##
gnutls-cli --starttls-proto=ftp XXX.XXX.XXX.XXX -p 990 --no-ca-verification -d 5
|| ASSERT: common.c:1110...
Processed 173 CA certificate(s).
Resolving 'XXX.XXX.XXX.XXX'...
Connecting to 'XXX.XXX.XXX.XXX:990'...
|| REC[0x24073f0]: Allocating epoch #0
|| ASSERT: gnutls_constate.c:596
|| REC[0x24073f0]: Allocating epoch #1
|| HSK[0x24073f0]: Keeping ciphersuite: GNUTLS_ECDHE_ECDSA_AES_128_GCM_SHA256 (C0.2B)
|| HSK[0x24073f0]: Keeping ciphersuite: GNUTLS_ECDHE_ECDSA_AES_256_GCM_SHA384 (C0.2C)
|| HSK[0x24073f0]: Keeping ciphersuite: GNUTLS_ECDHE_ECDSA_CAMELLIA_128_GCM_SHA256 (C0.86)
|| HSK[0x24073f0]: Keeping ciphersuite: GNUTLS_ECDHE_ECDSA_CAMELLIA_256_GCM_SHA384 (C0.87)
|| HSK[0x24073f0]: Keeping ciphersuite: GNUTLS_ECDHE_ECDSA_AES_128_CBC_SHA1 (C0.09)
|| HSK[0x24073f0]: Keeping ciphersuite: GNUTLS_ECDHE_ECDSA_AES_128_CBC_SHA256 (C0.23)
|| HSK[0x24073f0]: Keeping ciphersuite: GNUTLS_ECDHE_ECDSA_AES_256_CBC_SHA1 (C0.0A)
|| HSK[0x24073f0]: Keeping ciphersuite: GNUTLS_ECDHE_ECDSA_AES_256_CBC_SHA384 (C0.24)
|| HSK[0x24073f0]: Keeping ciphersuite: GNUTLS_ECDHE_ECDSA_CAMELLIA_128_CBC_SHA256 (C0.72)
|| HSK[0x24073f0]: Keeping ciphersuite: GNUTLS_ECDHE_ECDSA_CAMELLIA_256_CBC_SHA384 (C0.73)
|| HSK[0x24073f0]: Keeping ciphersuite: GNUTLS_ECDHE_ECDSA_AES_128_CCM (C0.AC)
|| HSK[0x24073f0]: Keeping ciphersuite: GNUTLS_ECDHE_ECDSA_AES_256_CCM (C0.AD)
|| HSK[0x24073f0]: Keeping ciphersuite: GNUTLS_ECDHE_ECDSA_3DES_EDE_CBC_SHA1 (C0.08)
|| HSK[0x24073f0]: Keeping ciphersuite: GNUTLS_ECDHE_RSA_AES_128_GCM_SHA256 (C0.2F)
|| HSK[0x24073f0]: Keeping ciphersuite: GNUTLS_ECDHE_RSA_AES_256_GCM_SHA384 (C0.30)
|| HSK[0x24073f0]: Keeping ciphersuite: GNUTLS_ECDHE_RSA_CAMELLIA_128_GCM_SHA256 (C0.8A)
|| HSK[0x24073f0]: Keeping ciphersuite: GNUTLS_ECDHE_RSA_CAMELLIA_256_GCM_SHA384 (C0.8B)
|| HSK[0x24073f0]: Keeping ciphersuite: GNUTLS_ECDHE_RSA_AES_128_CBC_SHA1 (C0.13)
|| HSK[0x24073f0]: Keeping ciphersuite: GNUTLS_ECDHE_RSA_AES_128_CBC_SHA256 (C0.27)
|| HSK[0x24073f0]: Keeping ciphersuite: GNUTLS_ECDHE_RSA_AES_256_CBC_SHA1 (C0.14)
|| HSK[0x24073f0]: Keeping ciphersuite: GNUTLS_ECDHE_RSA_AES_256_CBC_SHA384 (C0.28)
|| HSK[0x24073f0]: Keeping ciphersuite: GNUTLS_ECDHE_RSA_CAMELLIA_128_CBC_SHA256 (C0.76)
|| HSK[0x24073f0]: Keeping ciphersuite: GNUTLS_ECDHE_RSA_CAMELLIA_256_CBC_SHA384 (C0.77)
|| HSK[0x24073f0]: Keeping ciphersuite: GNUTLS_ECDHE_RSA_3DES_EDE_CBC_SHA1 (C0.12)
|| HSK[0x24073f0]: Keeping ciphersuite: GNUTLS_RSA_AES_128_GCM_SHA256 (00.9C)
|| HSK[0x24073f0]: Keeping ciphersuite: GNUTLS_RSA_AES_256_GCM_SHA384 (00.9D)
|| HSK[0x24073f0]: Keeping ciphersuite: GNUTLS_RSA_CAMELLIA_128_GCM_SHA256 (C0.7A)
|| HSK[0x24073f0]: Keeping ciphersuite: GNUTLS_RSA_CAMELLIA_256_GCM_SHA384 (C0.7B)
|| HSK[0x24073f0]: Keeping ciphersuite: GNUTLS_RSA_AES_128_CBC_SHA1 (00.2F)
|| HSK[0x24073f0]: Keeping ciphersuite: GNUTLS_RSA_AES_128_CBC_SHA256 (00.3C)
|| HSK[0x24073f0]: Keeping ciphersuite: GNUTLS_RSA_AES_256_CBC_SHA1 (00.35)
|| HSK[0x24073f0]: Keeping ciphersuite: GNUTLS_RSA_AES_256_CBC_SHA256 (00.3D)
|| HSK[0x24073f0]: Keeping ciphersuite: GNUTLS_RSA_CAMELLIA_128_CBC_SHA1 (00.41)
|| HSK[0x24073f0]: Keeping ciphersuite: GNUTLS_RSA_CAMELLIA_128_CBC_SHA256 (00.BA)
|| HSK[0x24073f0]: Keeping ciphersuite: GNUTLS_RSA_CAMELLIA_256_CBC_SHA1 (00.84)
|| HSK[0x24073f0]: Keeping ciphersuite: GNUTLS_RSA_CAMELLIA_256_CBC_SHA256 (00.C0)
|| HSK[0x24073f0]: Keeping ciphersuite: GNUTLS_RSA_AES_128_CCM (C0.9C)
|| HSK[0x24073f0]: Keeping ciphersuite: GNUTLS_RSA_AES_256_CCM (C0.9D)
|| HSK[0x24073f0]: Keeping ciphersuite: GNUTLS_RSA_3DES_EDE_CBC_SHA1 (00.0A)
|| HSK[0x24073f0]: Keeping ciphersuite: GNUTLS_DHE_RSA_AES_128_GCM_SHA256 (00.9E)
|| HSK[0x24073f0]: Keeping ciphersuite: GNUTLS_DHE_RSA_AES_256_GCM_SHA384 (00.9F)
|| HSK[0x24073f0]: Keeping ciphersuite: GNUTLS_DHE_RSA_CAMELLIA_128_GCM_SHA256 (C0.7C)
|| HSK[0x24073f0]: Keeping ciphersuite: GNUTLS_DHE_RSA_CAMELLIA_256_GCM_SHA384 (C0.7D)
|| HSK[0x24073f0]: Keeping ciphersuite: GNUTLS_DHE_RSA_AES_128_CBC_SHA1 (00.33)
|| HSK[0x24073f0]: Keeping ciphersuite: GNUTLS_DHE_RSA_AES_128_CBC_SHA256 (00.67)
|| HSK[0x24073f0]: Keeping ciphersuite: GNUTLS_DHE_RSA_AES_256_CBC_SHA1 (00.39)
|| HSK[0x24073f0]: Keeping ciphersuite: GNUTLS_DHE_RSA_AES_256_CBC_SHA256 (00.6B)
|| HSK[0x24073f0]: Keeping ciphersuite: GNUTLS_DHE_RSA_CAMELLIA_128_CBC_SHA1 (00.45)
|| HSK[0x24073f0]: Keeping ciphersuite: GNUTLS_DHE_RSA_CAMELLIA_128_CBC_SHA256 (00.BE)
|| HSK[0x24073f0]: Keeping ciphersuite: GNUTLS_DHE_RSA_CAMELLIA_256_CBC_SHA1 (00.88)
|| HSK[0x24073f0]: Keeping ciphersuite: GNUTLS_DHE_RSA_CAMELLIA_256_CBC_SHA256 (00.C4)
|| HSK[0x24073f0]: Keeping ciphersuite: GNUTLS_DHE_RSA_AES_128_CCM (C0.9E)
|| HSK[0x24073f0]: Keeping ciphersuite: GNUTLS_DHE_RSA_AES_256_CCM (C0.9F)
|| HSK[0x24073f0]: Keeping ciphersuite: GNUTLS_DHE_RSA_3DES_EDE_CBC_SHA1 (00.16)
|| EXT[0x24073f0]: Sending extension EXT MASTER SECRET (0 bytes)
|| EXT[0x24073f0]: Sending extension ENCRYPT THEN MAC (0 bytes)
|| EXT[0x24073f0]: Sending extension STATUS REQUEST (5 bytes)
|| EXT[0x24073f0]: Sending extension SAFE RENEGOTIATION (1 bytes)
|| EXT[0x24073f0]: Sending extension SESSION TICKET (0 bytes)
|| EXT[0x24073f0]: Sending extension SUPPORTED ECC (12 bytes)
|| EXT[0x24073f0]: Sending extension SUPPORTED ECC POINT FORMATS (2 bytes)
|| EXT[0x24073f0]: sent signature algo (4.1) RSA-SHA256
|| EXT[0x24073f0]: sent signature algo (4.3) ECDSA-SHA256
|| EXT[0x24073f0]: sent signature algo (5.1) RSA-SHA384
|| EXT[0x24073f0]: sent signature algo (5.3) ECDSA-SHA384
|| EXT[0x24073f0]: sent signature algo (6.1) RSA-SHA512
|| EXT[0x24073f0]: sent signature algo (6.3) ECDSA-SHA512
|| EXT[0x24073f0]: sent signature algo (3.1) RSA-SHA224
|| EXT[0x24073f0]: sent signature algo (3.3) ECDSA-SHA224
|| EXT[0x24073f0]: sent signature algo (2.1) RSA-SHA1
|| EXT[0x24073f0]: sent signature algo (2.3) ECDSA-SHA1
|| EXT[0x24073f0]: Sending extension SIGNATURE ALGORITHMS (22 bytes)
|| HSK[0x24073f0]: CLIENT HELLO was queued [227 bytes]
|| REC[0x24073f0]: Preparing Packet Handshake(22) with length: 227 and min pad: 0
|| REC[0x24073f0]: Sent Packet Handshake(22) in epoch 0 and length: 232
|| ASSERT: gnutls_buffers.c:1154
|| REC[0x24073f0]: SSL 3.1 Handshake packet received. Epoch 0, length: 950
|| REC[0x24073f0]: Expected Packet Handshake(22)
|| REC[0x24073f0]: Received Packet Handshake(22) with length: 950
|| REC[0x24073f0]: Decrypted Packet Handshake(22) with length: 950
|| HSK[0x24073f0]: SERVER HELLO (2) was received. Length 77, frag offset 0, frag length: 77, sequence: 0
|| HSK[0x24073f0]: Server's version: 3.1
|| HSK[0x24073f0]: SessionID length: 32
|| HSK[0x24073f0]: SessionID: 000003031e05c5fea2ec00000000000000000000000000005b69ab4d00000001
|| HSK[0x24073f0]: Selected cipher suite: RSA_3DES_EDE_CBC_SHA1
|| HSK[0x24073f0]: Selected compression method: NULL (0)
|| EXT[0x24073f0]: Parsing extension 'SAFE RENEGOTIATION/65281' (1 bytes)
|| HSK[0x24073f0]: Safe renegotiation succeeded
|| ASSERT: gnutls_buffers.c:1154
|| HSK[0x24073f0]: CERTIFICATE (11) was received. Length 861, frag offset 0, frag length: 861, sequence: 0
|| ASSERT: gnutls_buffers.c:1392
|| ASSERT: extensions.c:65
- Certificate type: X.509
- Got a certificate list of 1 certificates.
- Certificate info:
|| ASSERT: dn.c:250
|| ASSERT: dn.c:250
|| ASSERT: extensions.c:65
- subject
', RSA key 1024 bits, signed using RSA-SHA1, activated 2009-09-10 00:00:00 UTC', expires 2021-04-24 23:59:59 UTC', SHA-1 fingerprint 555555555555555555555555555555555555555'
Public Key ID:
PPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPP
Public key's random art:
+--[ RSA 1024]----+
| o.o |
| .= E.|
| .B.o|
| .= |
| S = .|
| . o . .= |
| . . . oo.|
| . o+|
| .o.|
+-----------------+
|| ASSERT: gnutls_buffers.c:1154
|| HSK[0x24073f0]: SERVER HELLO DONE (14) was received. Length 0, frag offset 0, frag length: 1, sequence: 0
|| ASSERT: gnutls_buffers.c:1145
|| ASSERT: gnutls_buffers.c:1392
|| ASSERT: gnutls_buffers.c:1374
|| ASSERT: extensions.c:65
|| HSK[0x24073f0]: CLIENT KEY EXCHANGE was queued [134 bytes]
|| REC[0x24073f0]: Sent ChangeCipherSpec
|| REC[0x24073f0]: Initializing epoch #1
|| REC[0x24073f0]: Epoch #1 ready
|| HSK[0x24073f0]: Cipher Suite: RSA_3DES_EDE_CBC_SHA1
|| HSK[0x24073f0]: Initializing internal [write] cipher sessions
|| HSK[0x24073f0]: recording tls-unique CB (send)
|| HSK[0x24073f0]: FINISHED was queued [16 bytes]
|| REC[0x24073f0]: Preparing Packet Handshake(22) with length: 134 and min pad: 0
|| REC[0x24073f0]: Sent Packet Handshake(22) in epoch 0 and length: 139
|| REC[0x24073f0]: Preparing Packet ChangeCipherSpec(20) with length: 1 and min pad: 0
|| REC[0x24073f0]: Sent Packet ChangeCipherSpec(20) in epoch 0 and length: 6
|| REC[0x24073f0]: Preparing Packet Handshake(22) with length: 16 and min pad: 0
|| REC[0x24073f0]: Sent Packet Handshake(22) in epoch 1 and length: 45
|| REC[0x24073f0]: SSL 3.1 ChangeCipherSpec packet received. Epoch 0, length: 1
|| REC[0x24073f0]: Expected Packet ChangeCipherSpec(20)
|| REC[0x24073f0]: Received Packet ChangeCipherSpec(20) with length: 1
|| REC[0x24073f0]: Decrypted Packet ChangeCipherSpec(20) with length: 1
|| HSK[0x24073f0]: Cipher Suite: RSA_3DES_EDE_CBC_SHA1
|| ASSERT: gnutls_buffers.c:1154
|| REC[0x24073f0]: SSL 3.1 Handshake packet received. Epoch 0, length: 40
|| REC[0x24073f0]: Expected Packet Handshake(22)
|| REC[0x24073f0]: Received Packet Handshake(22) with length: 40
|| REC[0x24073f0]: Decrypted Packet Handshake(22) with length: 16
|| HSK[0x24073f0]: FINISHED (20) was received. Length 12, frag offset 0, frag length: 12, sequence: 0
|| REC[0x24073f0]: Start of epoch cleanup
|| REC[0x24073f0]: Epoch #0 freed
|| REC[0x24073f0]: End of epoch cleanup
- Description: (TLS1.0)-(RSA)-(3DES-CBC)-(SHA1)
- Session ID: 00:00:03:03:1E:05:C5:FE:A2:EC:00:00:00:00:00:00:00:00:00:00:00:00:00:00:5B:69:AB:4D:00:00:00:01
|| ASSERT: server_name.c:298
- Version: TLS1.0
- Key Exchange: RSA
- Cipher: 3DES-CBC
- MAC: SHA1
- Compression: NULL
|| ASSERT: status_request.c:350
|| ASSERT: gnutls_ui.c:797
- Options: safe renegotiation,
|| ASSERT: srtp.c:317
|| ASSERT: alpn.c:227
- Handshake was completed
|| ASSERT: status_request.c:350
- Simple Client Mode:
Ptier
(71 rep)
Aug 7, 2018, 02:32 PM
• Last activity: Jul 21, 2025, 12:05 PM
2
votes
1
answers
2689
views
LFTP exclude file extensions
I am trying to mirror directories with lftp but I don't want to download filetypes that are notoriously large like .mp4 and .swf. But I am having trouble with the regex - and seeming like the exclude-glob too. Both of them download all files. What I tried: `/usr/local/bin/lftp -u user,pass -e 'mirro...
I am trying to mirror directories with lftp but I don't want to download filetypes that are notoriously large like .mp4 and .swf. But I am having trouble with the regex - and seeming like the exclude-glob too. Both of them download all files.
What I tried:
/usr/local/bin/lftp -u user,pass -e 'mirror -x ^(\.mp4|\.swf)$ $src $dest' ftp.host
&&
/usr/local/bin/lftp -u user,pass -e 'mirror -X swf $src $dest' ftp.host
Carter
(121 rep)
Jul 22, 2015, 07:37 PM
• Last activity: Jul 9, 2025, 10:08 PM
1
votes
1
answers
2829
views
LFTP exclude specific folder only
I have same folder name in different sub-directories, but while mirroring I want to exclude specific folder only. Example : I have directory "123" in different directories ./abc/123/ ./abc/xyz/123/ ./xxx/123/ ./abc/yyy/123/ I want to exclude `./abc/123/` only, but if I use below command that exclude...
I have same folder name in different sub-directories, but while mirroring I want to exclude specific folder only.
Example :
I have directory "123" in different directories
./abc/123/
./abc/xyz/123/
./xxx/123/
./abc/yyy/123/
I want to exclude
./abc/123/ only, but if I use below command that exclude all occurance
lftp -p 22 -e 'mirror --exclude ./abc/123/ './abc' '/var/www/' ; exit' sftp://user@domain.com
Jeff A
(11 rep)
May 6, 2019, 05:26 PM
• Last activity: Jun 15, 2025, 06:07 AM
0
votes
1
answers
3092
views
Unable to connect to remote server using lftp
I'm trying to establish a new ftps connection between two servers, say A and B. Below are the commands I'm using for establishing the connection. I guess i'm able to connect to the remote server but unable to perform operations like `cd`,`ls` while in the remote server. It just hangs while performin...
I'm trying to establish a new ftps connection between two servers, say A and B.
Below are the commands I'm using for establishing the connection. I guess i'm able to connect to the remote server but unable to perform operations like
cd,ls while in the remote server.
It just hangs while performing the cd operation(as shown below)
$ lftp
lftp :> set ftp:ssl-allow true
lftp :> set ftp:ssl-force true
lftp :> set ftp:ssl-protect-data true
lftp :> set ftp:ssl-protect-list true
lftp :> open -p 2121 sos13a-0501a.eu.hedani.net
lftp xxxx-xxxxx.xx.xxxxx.net:> cd /secure/gtd/VTXT
cd `/secure/gtd/VTXT' [Logging in...]
ashish_k
(375 rep)
Apr 24, 2019, 06:53 AM
• Last activity: Apr 14, 2025, 11:05 PM
0
votes
1
answers
861
views
How to send email with log output if script fails
I have the following script template I've been writing to use LFTP to mirror remote files to a local folder for clients. If the mirror fails, I'd like it to send an email with the output that was logged (but not the actual log file, as it could be rather long). As is, it would only show the exit sta...
I have the following script template I've been writing to use LFTP to mirror remote files to a local folder for clients. If the mirror fails, I'd like it to send an email with the output that was logged (but not the actual log file, as it could be rather long). As is, it would only show the exit status of 1. What's the best way to send the output instead?
#! /bin/bash
# Client info
client=example
data=/home/clients/$client/data
log=/home/clients/$client/log
# Create directories
mkdir -p $data $log
# LFTP settings
protocol="sftp://"
host="ftp.example.com"
user="example"
pass='123abc'
remote=/Outbound
command="mirror --verbose --continue $remote $data"
# Output to log
exec 3>&1 4>&2
trap 'exec 2>&4 1>&3' 0 1 2 3
exec 1>>$log/$client.log 2>&1
# Begin import | Recursively mirror remote to data
timestamp="$(date +"%m-%d-%Y@%T")"
echo "*** Time is $timestamp ***"
echo "Starting $client import."
lftp -u $user,$pass $protocol$host <
Justin Buckley
(1 rep)
Jan 29, 2021, 05:02 PM
• Last activity: Jan 7, 2025, 12:35 PM
0
votes
1
answers
39
views
Reading directory in lftp - Changed Date is not unambiguously
I am using lftp to read from an ftp server - When I read the current directory with `ls -R`, in the result for the date is not always the same: ``` -rwxr-xr-x 1 30020 30021 1213487 Mar 10 2024 A2024031004000171.zip -rwxr-xr-x 1 30020 30021 1147352 Apr 21 2024 A2024042104000172.zip -rwxr-xr-x 1 30020...
I am using lftp to read from an ftp server - When I read the current directory with
ls -R, in the result for the date is not always the same:
-rwxr-xr-x 1 30020 30021 1213487 Mar 10 2024 A2024031004000171.zip
-rwxr-xr-x 1 30020 30021 1147352 Apr 21 2024 A2024042104000172.zip
-rwxr-xr-x 1 30020 30021 1146095 May 12 2024 A2024051204000173.zip
-rwxr-xr-x 1 30020 30021 1148535 Jun 9 04:29 A2024060904000174.zip
-rwxr-xr-x 1 30020 30021 1155371 Jul 14 04:27 A2024071404000175.zip
-rwxr-xr-x 1 30020 30021 1150829 Aug 11 04:23 A2024081104000176.zip
-rwxr-xr-x 1 30020 30021 1151742 Sep 8 05:09 A2024090804000177.zip
-rwxr-xr-x 1 30020 30021 1154313 Oct 13 04:24 A2024101304000178.zip
-rwxr-xr-x 1 30020 30021 1153442 Nov 10 04:25 A2024111004000179.zip
-rwxr-xr-x 1 30020 30021 1203416 Jan 14 2024 A2024011404000169.zip
-rwxr-xr-x 1 30020 30021 1214387 Feb 11 2024 A2024021104000170.zip
tdog4224
(11 rep)
Nov 22, 2024, 03:36 PM
• Last activity: Nov 25, 2024, 07:11 AM
0
votes
1
answers
373
views
Why does lftp does not work with special characters in password?
Why `lftp -u testuser,":abcd[S\ymefgH" -e "cd;bye" server1` does not work but when using ftp server1 manually it works I tried single quotes as well but it just stucks on **cd `~' [Delaying before reconnect: 28]** It is a problem only with some passwords with special characters not all of them.I am...
Why
lftp -u testuser,":abcd[S\ymefgH" -e "cd;bye" server1 does not work but when using ftp server1 manually it works
I tried single quotes as well but it just stucks on **cd `~' [Delaying before reconnect: 28]**
It is a problem only with some passwords with special characters not all of them.I am not sure which character is causing this, i believe it could be : causing the problem.
munish
(8227 rep)
Sep 15, 2024, 03:30 PM
• Last activity: Sep 15, 2024, 05:05 PM
1
votes
1
answers
5350
views
Copy specific folders via lftp
I want to copy data using lftp login from server. Here is my command to copy all the data. lftp -u uid,pwd -e 'mirror -c /home/dcr96/TCGA' sftp://rob2056@serapeum2.qib.pbtech This copies the data from sftp to the local dir. However, I want to copy only specific folders, which are in a list. How shou...
I want to copy data using lftp login from server.
Here is my command to copy all the data.
lftp -u uid,pwd -e 'mirror -c /home/dcr96/TCGA' sftp://rob2056@serapeum2.qib.pbtech
This copies the data from sftp to the local dir. However, I want to copy only specific folders, which are in a list.
How should I do that?
Ron
(1087 rep)
May 3, 2017, 06:23 PM
• Last activity: Apr 15, 2024, 03:07 PM
0
votes
0
answers
523
views
lftp for sftp is not working; stuck on `ls' at 0 [Connecting...]
I am having an issue with lftp where it gets stuck on ``` `ls' at 0 [Connecting...] ``` for an SFTP connection. Versions: * Linux 3.10.0-1160.108.1.el7.x86_64 #1 SMP Thu Jan 4 14:55:32 EST 2024 x86_64 x86_64 x86_64 GNU/Linux * LFTP | Version 4.4.8 Here how I am running it: ```lang-shellsession user@...
I am having an issue with lftp where it gets stuck on
`ls' at 0 [Connecting...]-shellsession
user@server:~$ lftp -d
lftp :~> open -u Uname,Passwd -p 22 sftp://test.host.com
lftp Uname@test.host.com:~> ls
---- Running connect program (ssh -a -x -s -l Uname -p 22 test.host.com sftp)
---> sending a packet, length=5, type=1(INIT), id=0
ls
In Out Received
sftp>/home/user/.ssh/known_hosts file.
Not sure why it is not working when using lftp.
Edit 1:
-shellsession
user@server:~$ lftp sftp://test.host.com
lftp test.host.com:~>-shellsession
user@server:~$ ssh Uname@test.host.com
Password authentication
Uname's password
PTY allocation request failed on channel 0
Sorry, SFTP Only - pty-req not allowed.
Connection to test.host.com closed.
user3152289
(1 rep)
Feb 29, 2024, 10:46 PM
• Last activity: Mar 1, 2024, 12:34 PM
0
votes
1
answers
245
views
How to use a pipe with lftp?
I have files ending with apk in my desktop pc's terminal: ls | grep apk DroidEdit_v1.23.6.apk I connect to my android phone with lftp from my desktop pc: lftp 192.168.31.130:3721 lftp 192.168.31.130:~> lcd Downloads lcd ok, local cwd=/home/debian/Downloads lftp 192.168.31.130:~> !ls DroidEdit_v1.23....
I have files ending with apk in my desktop pc's terminal:
ls | grep apk
DroidEdit_v1.23.6.apk
I connect to my android phone with lftp from my desktop pc:
lftp 192.168.31.130:3721
lftp 192.168.31.130:~> lcd Downloads
lcd ok, local cwd=/home/debian/Downloads
lftp 192.168.31.130:~> !ls
DroidEdit_v1.23.6.apk
Why can't the pipe be used in an lftp command?
lftp 192.168.31.130:/> !ls | !grep apk
bash: line 1: !grep: command not found
newview
(205 rep)
Nov 19, 2022, 06:24 AM
• Last activity: Nov 22, 2023, 06:26 PM
1
votes
0
answers
5321
views
How to get more details in log for lftp?
I'm fighting with logging on to an FTP server with lftp, and it simply hangs as shown below, despite having tried various things. The text below is all I get from lftp $ lftp lftp :~> debug -o log.txt -c -t 9 lftp :~> set ftp:ssl-force true lftp :~> set ssl:verify-certificate no lftp :~> set ftp:use...
I'm fighting with logging on to an FTP server with lftp, and it simply hangs as shown below, despite having tried various things. The text below is all I get from lftp
$ lftp
lftp :~> debug -o log.txt -c -t 9
lftp :~> set ftp:ssl-force true
lftp :~> set ssl:verify-certificate no
lftp :~> set ftp:use-feat false
lftp :~> connect ftp.dataforsyningen.dk -p 990
lftp ftp.dataforsyningen.dk:~> login MadsSkjern
Password:
lftp MadsSkjern@ftp.dataforsyningen.dk:~> ls
`ls' at 0 [TLS negotiation...]
After ten minutes, its still hanging there without having timed out. So I abort with ctrl+c.
I tried enabling logging with the highest level, 9 (source ). But the text below is all I get (the log includes me aborting with ctrl+c).
$ cat log.txt
2022-11-28 18:03:10 ftp.dataforsyningen.dk ---- Resolving host address...
2022-11-28 18:03:10 ftp.dataforsyningen.dk ---- IPv6 is not supported or configured
2022-11-28 18:03:10 ftp.dataforsyningen.dk ---- 1 address found: 188.64.158.165
2022-11-28 18:03:16 ftp.dataforsyningen.dk ---- Connecting to ftp.dataforsyningen.dk (188.64.158.165) port 990
2022-11-28 18:04:16 ---- Closing control socket
What is going on? Did they really write a piece of software that did not log any other details than these? Or what do I need to do, to make it print more details?
For comparison, the log from Filezilla, for a similar connect attempt is 157 lines, with the highest log level.
**Version and environent details**
LFTP | Version 4.9.2
Libraries used: GnuTLS 3.7.3, idn2 2.3.2, Readline 8.1, zlib 1.2.11
Ubuntu 22.04.3 LTS
Mads Skjern
(1005 rep)
Nov 28, 2022, 05:29 PM
• Last activity: Sep 1, 2023, 06:31 PM
9
votes
2
answers
3533
views
LFTP: Mirror to remote except particular file present on remote
I usually edit my website locally and push it with this command: lftp -u user,password host -e "mirror -c -e -R -x ^\.git/$ my /my; exit" But now, my website dynamically appends data to the `/my/data` file. I don't have this `/my/data` file locally. **QUESTION:** How to push without deleting `/my/da...
I usually edit my website locally and push it with this command:
lftp -u user,password host -e "mirror -c -e -R -x ^\.git/$ my /my; exit"
But now, my website dynamically appends data to the
/my/data file.
I don't have this /my/data file locally.
**QUESTION:** How to push without deleting /my/data and its content?
Notes:
- I could download /my/data and then run the command above, but data added in the few seconds before the download and the upload would get lost.
- For the other files/folders, local deletion should be mirrored by a remote deletion.
- I don't want to use --only-newer-like operations because clocks might not be adjusted.
Nicolas Raoul
(8465 rep)
Mar 13, 2014, 07:11 AM
• Last activity: May 12, 2023, 06:46 AM
0
votes
1
answers
906
views
Why is LFTP "Removing old file" in mirror?
I'm trying to mirror a website (of which I'm the webmaster) using LFTP, for backup. I use the LFTP command (actual paths, usernames, and passwords redacted for privacy): mirror -e -p --verbose=1 /public_html /mnt/lobster3raid/ /public_html It's working except that LFTP is removing each file from the...
I'm trying to mirror a website (of which I'm the webmaster) using LFTP, for backup.
I use the LFTP command (actual paths, usernames, and passwords redacted for privacy):
mirror -e -p --verbose=1 /public_html /mnt/lobster3raid//public_html
It's working except that LFTP is removing each file from the mirror and then re-transferring it, even if it hasn't changed on the webserver (I get this on every single file every time):
Removing old file `/IMG_2003.jpg'
Transferring file `/IMG_2003.jpg'
Removing old file `/IMG_2004.jpg'
Transferring file `/IMG_2004.jpg'
Removing old file `/IMG_2005.jpg'
Transferring file `/IMG_2005.jpg'
**How can I run a LFTP mirror that only transfers changed/newer files?**
More background:
The destination mirror is on a Windows share at \\\LOBSTER3\raid. I'm doing this on Windows. I had it working OK with Cygwin's LFTP for a while, but lately have been getting permission problems from Windows (apparently Cygwin's LFTP is setting permissions Windows doesn't like).
So I'm now using the LFTP in wsl (Ubuntu). I run this batch file from Windows:
wsl -u root -- mkdir /mnt/lobster3raid
wsl -u root -- mount -t drvfs \\\\lobster3\\raid /mnt/lobster3raid
wsl -- lftp -u , -e 'set ssl:check-hostname no; mirror -e -p --verbose=1 /public_html /mnt/lobster3raid/mirrors/1day/public_html'
nerdfever.com
(303 rep)
May 20, 2022, 01:35 AM
• Last activity: May 10, 2023, 06:59 PM
0
votes
1
answers
261
views
Using regular expression in lftp to ignore some strings from file name
Get specific file with name like abc_yyyymmdd_hhmmss.csv from directory using mget. Example files in a folder: abc_20221202_145911.csv abc_20221202_145921.csv abc_20221202_145941.csv abc_20181202_145941.csv But, I want to ignore hhmmss part. I want to get all files with abc_20221202_*.csv How to inc...
Get specific file with name like abc_yyyymmdd_hhmmss.csv from directory using mget.
Example files in a folder:
abc_20221202_145911.csv
abc_20221202_145921.csv
abc_20221202_145941.csv
abc_20181202_145941.csv
But, I want to ignore hhmmss part. I want to get all files with abc_20221202_*.csv
How to include * in mget.
My code below:
File=abc
Date=20221202
Filename=$File$Date"_*".csv
// Assume I have sftp connection established and I am in directory //where files with above naming convention are present. As I can //download the file when hardcoding exact file name during testing
conn='lftp $protocol://$user:$password@$sftp_server -p $port /error.log
cd $path
mget $Filename
DOWNLOAD'
The script is able to find the file but not able to retrieve it from the server.
But, if I remove * and provide the entire file name abc_20221202_145941.csv it will download the file. Why is * causing issue in retrieving the file
likeGreen
(101 rep)
Dec 5, 2022, 04:12 PM
• Last activity: Dec 6, 2022, 10:26 PM
0
votes
1
answers
3097
views
Get latest files with lftp
I would like to know if it was possible to download all latest files on an ftp server with `lftp` without downloading the older files. Examples; On my server I have /doc /vps /order/{id} /order/{id} /order/archives On my computer: /order/1010 /order/3058 If I delete `/order/3058`, the script must no...
I would like to know if it was possible to download all latest files on an ftp server with
lftp without downloading the older files.
Examples;
On my server I have
/doc
/vps
/order/{id}
/order/{id}
/order/archives
On my computer:
/order/1010
/order/3058
If I delete /order/3058, the script must not download it again.
I would like to download all /order/{id} as they become available. But, these change everyday and I don't want to download all order/{id} each time, only the latest.
The particularity is my server is secured with SSL and I need this to connect
set ftp:ssl-force true
set ftp:ssl-protect-data true
set ssl:verify-certificate false
Joeffrey
(1 rep)
Nov 18, 2015, 02:05 PM
• Last activity: Nov 2, 2022, 11:02 AM
3
votes
1
answers
2905
views
mv file/folder with blank-spaces in its name doesn't work - LFTP
I have 2 spaces: My **Synology NAS**. And my **FTP**. If we assume that some files on my local NAS are also in my FTP repository, I want to move some files on my local NAS AND on my FTP on different folders. eg: _After downloading files from FTP to NAS_ **NAS:** - **Move** from /volume1/Downloading/...
I have 2 spaces:
My **Synology NAS**. And my **FTP**. If we assume that some files on my local NAS are also in my FTP repository, I want to move some files on my local NAS AND on my FTP on different folders. eg: _After downloading files from FTP to NAS_
**NAS:**
- **Move** from /volume1/Downloading/file001 to /volume1/Downloaded/file001 **FTP:**
- **Move** from /downloads/file001 to /downloads/Finished/file001 Every files on the NAS are moved at the right path : **OK**
On my FTP, only files/folders that doesn't contain blank spaces are moved : **KO** So here is a part of the script we need to know:
#!/bin/sh # Inits ficLog=/volume1/ScriptsAndOutputs/logFTPSeedibox.txt downloadingFolderPath=/volume1/Downloading downloadedFolderPath=/volume1/Downloaded ftpDestinationPath=FinishedTmp # Configuration : ftp / user / pass servFTP=server userFTP=user passFTP=password for filePath in "${downloadingFolderPath}"/* ; do # As filePath is the complete path of the file we need to get the file NAME fileName=
My **Synology NAS**. And my **FTP**. If we assume that some files on my local NAS are also in my FTP repository, I want to move some files on my local NAS AND on my FTP on different folders. eg: _After downloading files from FTP to NAS_
**NAS:**
- **Move** from /volume1/Downloading/file001 to /volume1/Downloaded/file001 **FTP:**
- **Move** from /downloads/file001 to /downloads/Finished/file001 Every files on the NAS are moved at the right path : **OK**
On my FTP, only files/folders that doesn't contain blank spaces are moved : **KO** So here is a part of the script we need to know:
#!/bin/sh # Inits ficLog=/volume1/ScriptsAndOutputs/logFTPSeedibox.txt downloadingFolderPath=/volume1/Downloading downloadedFolderPath=/volume1/Downloaded ftpDestinationPath=FinishedTmp # Configuration : ftp / user / pass servFTP=server userFTP=user passFTP=password for filePath in "${downloadingFolderPath}"/* ; do # As filePath is the complete path of the file we need to get the file NAME fileName=
basename "${filePath}"
#Try to move it on FTP
lftp ftp://${userFTP}:${passFTP}@${servFTP} -e 'set ssl:verify-certificate false;set file:charset utf8;set ftp:charset utf8;cd downloads;mv "${fileName}" "${ftpDestinationPath}"'
res2=$?
#Then we move file on the NAS
mv "${filePath}" "${downloadedFolderPath}"
done
exit 0
Here is the output :
+ ficLog=/volume1/ScriptsAndOutputs/logFTPSeedibox.txt
+ downloadingFolderPath=/volume1/Downloading
+ downloadedFolderPath=/volume1/Downloaded
+ ftpDestinationPath=FinishedTmp
+ servFTP=server
+ userFTP=user
+ passFTP=password
+ for filePath in '"${downloadingFolderPath}"/*'
++ basename /volume1/Downloading/@eaDir
+ fileName=@eaDir
+ lftp ftp://user:password@server -e 'set ssl:verify-certificate false;set file:charset utf8;set ftp:charset utf8;cd downloads;mv "${fileName}" "${ftpDestinationPath}"'
cd ok, cwd=/downloads
mv ${fileName}=>${ftpDestinationPath} [Waiting for response...]
mv: Access failed: 550 RNFR command failed. (${fileName})
+ res2=1
+ mv /volume1/Downloading/@eaDir /volume1/Downloaded
mv: inter-device move failed: ‘/volume1/Downloading/@eaDir’ to ‘/volume1/Downloaded/@eaDir’; unable to remove target: Directory not empty
+ for filePath in '"${downloadingFolderPath}"/*'
++ basename '/volume1/Downloading/Folder With Files'
+ fileName='Folder With Files'
+ lftp ftp://user:password@server -e 'set ssl:verify-certificate false;set file:charset utf8;set ftp:charset utf8;cd downloads;mv "${fileName}" "${ftpDestinationPath}"'
cd ok, cwd=/downloads
mv ${fileName}=>${ftpDestinationPath} [Waiting for response...]
mv: Access failed: 550 RNFR command failed. (${fileName})
+ res2=1
+ mv '/volume1/Downloading/Folder With Files' /volume1/Downloaded
+ for filePath in '"${downloadingFolderPath}"/*'
++ basename /volume1/Downloading/Test_no_spaces.txt
+ fileName=Test_no_spaces.txt
+ lftp ftp://user:password@server -e 'set ssl:verify-certificate false;set file:charset utf8;set ftp:charset utf8;cd downloads;mv "${fileName}" "${ftpDestinationPath}"'
cd ok, cwd=/downloads
mv ${fileName}=>${ftpDestinationPath} [Waiting for response...]
mv: Access failed: 550 RNFR command failed. (${fileName})
+ res2=1
+ mv /volume1/Downloading/Test_no_spaces.txt /volume1/Downloaded
+ for filePath in '"${downloadingFolderPath}"/*'
++ basename '/volume1/Downloading/test_under et espaces.txt'
+ fileName='test_under et espaces.txt'
+ lftp ftp://user:password@server -e 'set ssl:verify-certificate false;set file:charset utf8;set ftp:charset utf8;cd downloads;mv "${fileName}" "${ftpDestinationPath}"'
cd ok, cwd=/downloads
mv ${fileName}=>${ftpDestinationPath} [Waiting for response...]
mv: Access failed: 550 RNFR command failed. (${fileName})
+ res2=1
+ mv '/volume1/Downloading/test_under et espaces.txt' /volume1/Downloaded
+ exit 0
As you can see, it's working for any folder/file on the NAS but only for files/folders names without blank-spaces on the FTP.
Can someone help me?
Thanks.
JuGdx
(31 rep)
Nov 30, 2016, 09:44 AM
• Last activity: Jul 12, 2022, 02:02 AM
0
votes
1
answers
403
views
is it possible to use ctrl+z in bash script to send lftp process to background?
we have a database that we take backup from it every night. backup files are 6 separate files in 6 separate directories. after backup is taken successfully, all parts will lftp to a remote server. the lftp commands are generated by a bash script which redirect output to a file named ftpfiles.sh then...
we have a database that we take backup from it every night. backup files are 6 separate files in 6 separate directories. after backup is taken successfully, all parts will lftp to a remote server. the lftp commands are generated by a bash script which redirect output to a file named ftpfiles.sh then execute it. here is the content of ftpfiles.sh:
lftp -u user,pass 1.1.1.1 mkdir BackUp
lftp user@1.1.1.:~> cd BackUp
lftp user@1.1.1.:~> lcd /data10/customerBackup
lftp user@1.1.1.:~> put CUSTOMER.0.DBPART000.20220705010003.001
'CUSTOMER.0.DBPART000.20220705010003.001' at 40555088 (1%) [Sending data] {I PRESSED CTRL+Z IN HERE}
put CUSTOMER.0.DBPART000.20220705010003.001 &
CUSTOMER.0.DBPART000.20220705010003.001 (8%) 45.85M/s eta:74s [Sending data]
lftp user@1.1.1.:~> quit
Moving to background to complete transfers...
[root@autodb /]#
i tried to achieve this in bash script but no luck. for example putting these in bash script:
(put CUSTOMER.0.DBPART000.20220705010003.001) &
put CUSTOMER.0.DBPART000.20220705010003.001 &
so is it possible to use ctrl+z in bash script to send lftp process to background?
also here is the script that generates lftp commands:
FTPFILES1='/data1/cronJobs/ftpfiles.sh'
DBNAME=CUSTOMER
##ftp files
cd /data1/cronJobs/
cat /dev/null > ftpfiles.sh
echo "lftp -u $FTPUSER,$FTPPASSWD $FTPSRV > $FTPFILES1
BACKUP_FILE_ARRAY=( /data*/"${DBNAME,,}"Backup/"$DBNAME.0.DBPART000".$(date +%Y%m%d)* )
for BACKUP_FILE in "${BACKUP_FILE_ARRAY[@]}"
do
echo "lcd $(dirname $BACKUP_FILE)" >> $FTPFILES1
echo "put $(basename $BACKUP_FILE)" >> $FTPFILES1
done
echo "quit
end_script
exit 0 " >> $FTPFILES1
BlackCrystal
(786 rep)
Jul 5, 2022, 05:12 AM
• Last activity: Jul 5, 2022, 05:56 AM
1
votes
2
answers
588
views
How do you expand a variable in a heredoc as one argument when its value has spaces?
I've created a script to upload via lftp: ```bash #! /usr/bin/bash set -xe if [ -n "$1" ]; then # ... else source="." # target=name of current local folder target="${PWD##*/}"/ cmd="mirror --reverse --continue --parallel=5 "$source" "$target"" fi lftp -u $user,$pass $host ``` running `lftp ... -e "$...
I've created a script to upload via lftp:
#! /usr/bin/bash
set -xe
if [ -n "$1" ]; then
# ...
else
source="."
# target=name of current local folder
target="${PWD##*/}"/
cmd="mirror --reverse --continue --parallel=5 "$source" "$target""
fi
lftp -u $user,$pass $hostlftp ... -e "$("${cmd[@]}")" gave this error:
open: option requires an argument -- 'e'
Usage: lftp [-e cmd] [-p port] [-u user[,pass]]
Daniel Kaplan
(1070 rep)
Apr 8, 2022, 11:04 PM
• Last activity: Apr 11, 2022, 10:26 AM
0
votes
0
answers
2642
views
How can I speed up my lftp uploads when I'm mirroring?
Here's my script: ```bash #! /usr/bin/bash set -xe local_path="${1-./}" lftp -u user,pass host << EOF set ftp:ssl-allow yes set ftp:ssl-protect-data yes set ftp:ssl-protect-list yes set ftp:ssl-force yes mirror --reverse --continue --parallel=5 . "$1" quit EOF ``` Is there anything I can change/add...
Here's my script:
#! /usr/bin/bash
set -xe
local_path="${1-./}"
lftp -u user,pass host << EOF
set ftp:ssl-allow yes
set ftp:ssl-protect-data yes
set ftp:ssl-protect-list yes
set ftp:ssl-force yes
mirror --reverse --continue --parallel=5 . "$1"
quit
EOF
Daniel Kaplan
(1070 rep)
Apr 2, 2022, 05:06 AM
0
votes
1
answers
3862
views
LFTP Script to Download Files and then move them to a remote directory
I found the following https://unix.stackexchange.com/questions/254841/lftp-script-to-download-files. The script will fit, but currently it deletes the files after successful transfer. But I want the files to be moved to another directory (e.g. backup) on the remote server after the transfer. I searc...
I found the following
https://unix.stackexchange.com/questions/254841/lftp-script-to-download-files .
The script will fit, but currently it deletes the files after successful transfer.
But I want the files to be moved to another directory (e.g. backup) on the remote server after the transfer.
I searched but did not find a parameter for the mmv command.
Can someone tell me how to do this?
Thanks.
t.weingart
(1 rep)
Mar 18, 2022, 09:19 PM
• Last activity: Mar 19, 2022, 08:58 AM
Showing page 1 of 20 total questions