FTP using *SSL

0 pts.
Tags:
Access control
AS/400
Browsers
filtering
Security
Servers
SSL/TLS
TCP
Web security
I am running v5r3 and am attempting to FTP to a Tumbleweed Securetransport server from our iSeries system using the command: FTP RMTSYS(xxxx) PORT(999) SECCNN(*SSL) I get the following response: Connecting to host xxxx at address xx.xxx.xxx.xx using port 999. 220 qweb1 FTP server (SecureTransport 4.5.1) ready. 334 SSLv23/TLSv1 The connection isn't opened and IBM support stated that the FTP server should not be responding with a 334 reply and is not correctly following the RFC. When I use a secureFTP windows client, it accepts the 334 response and allows me to send my user data. Does anyone have any comments regarding the appropriate response from the FTP server or any suggestions? Thanks
ASKED: October 4, 2006  12:23 PM
UPDATED: October 4, 2006  1:01 PM

Answer Wiki

Thanks. We'll let you know when a new response is added.

This will not help with problem, but may stop you chasing re herrings.

Quick google for FTP RFC SSL should find comment below.
———————————————————
“AUTH SSL”
Connect as usual to port 21 and use “AUTH SSL” or “AUTH TLS-P” to ask for SSL negotiation and implicitly protect further data connections. THIS IS BAD why ? (There is also a compatibility problem here, in that Tim Hudson’s original code gave a ’334′ reply to AUTH SSL – this is now considered harmful and ’234′ should be used. Clients are OK because they can accept both – but there still exist some broken servers which send ’334′)
———————————————————–

IBM are right, and wrong – Server should not be sending ’334′, but their client should not throw a wobbly because it does. Believe only server spec was changed, so Client should still accept ’334′. Unlikely you will convince IBM to change there Client, so best hope is to find updated server version, or go with different server software.

Discuss This Question:  

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following