VSFTPD FileZilla GnuTLS error -15 (unexpected TLS packet was received)

The name of the pictureThe name of the pictureThe name of the pictureClash Royale CLAN TAG#URR8PPP











up vote
3
down vote

favorite












I set up two new CentOS 7 boxes simultaneously, so the configurations should be identical, just different ip addresses and host names.



I installed VSFTPD and configured for passive ports. One box connects fine, no issues, however the second box continuously throws me this error:



GnuTLS error -15: An unexpected TLS packet was received.


Here is the debug FileZilla trace:



Status: Connecting to 192.168.20.68:21...
Status: Connection established, waiting for welcome message...
Trace: CFtpControlSocket::OnReceive()
Response: 220 (vsFTPd 3.0.2)
Trace: CFtpControlSocket::SendNextCommand()
Command: AUTH TLS
Trace: CFtpControlSocket::OnReceive()
Response: 234 Proceed with negotiation.
Status: Initializing TLS...
Trace: CTlsSocket::Handshake()
Trace: CTlsSocket::ContinueHandshake()
Trace: CTlsSocket::OnSend()
Trace: CTlsSocket::OnRead()
Trace: CTlsSocket::ContinueHandshake()
Trace: CTlsSocket::OnRead()
Trace: CTlsSocket::ContinueHandshake()
Trace: CTlsSocket::OnRead()
Trace: CTlsSocket::ContinueHandshake()
Trace: TLS Handshake successful
Trace: Protocol: TLS1.2, Key exchange: ECDHE-RSA, Cipher: AES-256-GCM, MAC: AEAD
Status: Verifying certificate...
Status: TLS connection established.
Trace: CFtpControlSocket::SendNextCommand()
Command: USER datamover
Trace: CTlsSocket::OnRead()
Trace: CFtpControlSocket::OnReceive()
Response: 331 Please specify the password.
Trace: CFtpControlSocket::SendNextCommand()
Command: PASS *******
Trace: CTlsSocket::OnRead()
Trace: CTlsSocket::Failure(-15)
Error: GnuTLS error -15: An unexpected TLS packet was received.
Trace: CRealControlSocket::OnClose(106)
Trace: CControlSocket::DoClose(64)
Trace: CFtpControlSocket::ResetOperation(66)
Trace: CControlSocket::ResetOperation(66)
Error: Could not connect to server


The error is always right after the password check.



I know the problem IS NOT SELinux, as I disabled that. The problem is also not the firewall, as I tried disabling the Firewall Daemon (firewalld).



Here is the relevant portion of the /etc/vsftpd/vsftpd.conf file.



listen=YES
listen_ipv6=NO
pasv_enable=YES
pasv_max_port=10100
pasv_min_port=10090
pasv_address=192.168.20.88

ssl_enable=YES
allow_anon_ssl=NO
force_local_data_ssl=YES
force_local_logins_ssl=YES
ssl_tlsv1=YES
ssl_sslv2=NO
ssl_sslv3=NO
ssl_ciphers=HIGH
require_ssl_reuse=NO

rsa_cert_file=/etc/ssl/private/vsftpd.pem
rsa_private_key_file=/etc/ssl/private/vsftpd.pem


I did a Google search but did not see any 15 error codes.



Thoughts?










share|improve this question

























    up vote
    3
    down vote

    favorite












    I set up two new CentOS 7 boxes simultaneously, so the configurations should be identical, just different ip addresses and host names.



    I installed VSFTPD and configured for passive ports. One box connects fine, no issues, however the second box continuously throws me this error:



    GnuTLS error -15: An unexpected TLS packet was received.


    Here is the debug FileZilla trace:



    Status: Connecting to 192.168.20.68:21...
    Status: Connection established, waiting for welcome message...
    Trace: CFtpControlSocket::OnReceive()
    Response: 220 (vsFTPd 3.0.2)
    Trace: CFtpControlSocket::SendNextCommand()
    Command: AUTH TLS
    Trace: CFtpControlSocket::OnReceive()
    Response: 234 Proceed with negotiation.
    Status: Initializing TLS...
    Trace: CTlsSocket::Handshake()
    Trace: CTlsSocket::ContinueHandshake()
    Trace: CTlsSocket::OnSend()
    Trace: CTlsSocket::OnRead()
    Trace: CTlsSocket::ContinueHandshake()
    Trace: CTlsSocket::OnRead()
    Trace: CTlsSocket::ContinueHandshake()
    Trace: CTlsSocket::OnRead()
    Trace: CTlsSocket::ContinueHandshake()
    Trace: TLS Handshake successful
    Trace: Protocol: TLS1.2, Key exchange: ECDHE-RSA, Cipher: AES-256-GCM, MAC: AEAD
    Status: Verifying certificate...
    Status: TLS connection established.
    Trace: CFtpControlSocket::SendNextCommand()
    Command: USER datamover
    Trace: CTlsSocket::OnRead()
    Trace: CFtpControlSocket::OnReceive()
    Response: 331 Please specify the password.
    Trace: CFtpControlSocket::SendNextCommand()
    Command: PASS *******
    Trace: CTlsSocket::OnRead()
    Trace: CTlsSocket::Failure(-15)
    Error: GnuTLS error -15: An unexpected TLS packet was received.
    Trace: CRealControlSocket::OnClose(106)
    Trace: CControlSocket::DoClose(64)
    Trace: CFtpControlSocket::ResetOperation(66)
    Trace: CControlSocket::ResetOperation(66)
    Error: Could not connect to server


    The error is always right after the password check.



    I know the problem IS NOT SELinux, as I disabled that. The problem is also not the firewall, as I tried disabling the Firewall Daemon (firewalld).



    Here is the relevant portion of the /etc/vsftpd/vsftpd.conf file.



    listen=YES
    listen_ipv6=NO
    pasv_enable=YES
    pasv_max_port=10100
    pasv_min_port=10090
    pasv_address=192.168.20.88

    ssl_enable=YES
    allow_anon_ssl=NO
    force_local_data_ssl=YES
    force_local_logins_ssl=YES
    ssl_tlsv1=YES
    ssl_sslv2=NO
    ssl_sslv3=NO
    ssl_ciphers=HIGH
    require_ssl_reuse=NO

    rsa_cert_file=/etc/ssl/private/vsftpd.pem
    rsa_private_key_file=/etc/ssl/private/vsftpd.pem


    I did a Google search but did not see any 15 error codes.



    Thoughts?










    share|improve this question























      up vote
      3
      down vote

      favorite









      up vote
      3
      down vote

      favorite











      I set up two new CentOS 7 boxes simultaneously, so the configurations should be identical, just different ip addresses and host names.



      I installed VSFTPD and configured for passive ports. One box connects fine, no issues, however the second box continuously throws me this error:



      GnuTLS error -15: An unexpected TLS packet was received.


      Here is the debug FileZilla trace:



      Status: Connecting to 192.168.20.68:21...
      Status: Connection established, waiting for welcome message...
      Trace: CFtpControlSocket::OnReceive()
      Response: 220 (vsFTPd 3.0.2)
      Trace: CFtpControlSocket::SendNextCommand()
      Command: AUTH TLS
      Trace: CFtpControlSocket::OnReceive()
      Response: 234 Proceed with negotiation.
      Status: Initializing TLS...
      Trace: CTlsSocket::Handshake()
      Trace: CTlsSocket::ContinueHandshake()
      Trace: CTlsSocket::OnSend()
      Trace: CTlsSocket::OnRead()
      Trace: CTlsSocket::ContinueHandshake()
      Trace: CTlsSocket::OnRead()
      Trace: CTlsSocket::ContinueHandshake()
      Trace: CTlsSocket::OnRead()
      Trace: CTlsSocket::ContinueHandshake()
      Trace: TLS Handshake successful
      Trace: Protocol: TLS1.2, Key exchange: ECDHE-RSA, Cipher: AES-256-GCM, MAC: AEAD
      Status: Verifying certificate...
      Status: TLS connection established.
      Trace: CFtpControlSocket::SendNextCommand()
      Command: USER datamover
      Trace: CTlsSocket::OnRead()
      Trace: CFtpControlSocket::OnReceive()
      Response: 331 Please specify the password.
      Trace: CFtpControlSocket::SendNextCommand()
      Command: PASS *******
      Trace: CTlsSocket::OnRead()
      Trace: CTlsSocket::Failure(-15)
      Error: GnuTLS error -15: An unexpected TLS packet was received.
      Trace: CRealControlSocket::OnClose(106)
      Trace: CControlSocket::DoClose(64)
      Trace: CFtpControlSocket::ResetOperation(66)
      Trace: CControlSocket::ResetOperation(66)
      Error: Could not connect to server


      The error is always right after the password check.



      I know the problem IS NOT SELinux, as I disabled that. The problem is also not the firewall, as I tried disabling the Firewall Daemon (firewalld).



      Here is the relevant portion of the /etc/vsftpd/vsftpd.conf file.



      listen=YES
      listen_ipv6=NO
      pasv_enable=YES
      pasv_max_port=10100
      pasv_min_port=10090
      pasv_address=192.168.20.88

      ssl_enable=YES
      allow_anon_ssl=NO
      force_local_data_ssl=YES
      force_local_logins_ssl=YES
      ssl_tlsv1=YES
      ssl_sslv2=NO
      ssl_sslv3=NO
      ssl_ciphers=HIGH
      require_ssl_reuse=NO

      rsa_cert_file=/etc/ssl/private/vsftpd.pem
      rsa_private_key_file=/etc/ssl/private/vsftpd.pem


      I did a Google search but did not see any 15 error codes.



      Thoughts?










      share|improve this question













      I set up two new CentOS 7 boxes simultaneously, so the configurations should be identical, just different ip addresses and host names.



      I installed VSFTPD and configured for passive ports. One box connects fine, no issues, however the second box continuously throws me this error:



      GnuTLS error -15: An unexpected TLS packet was received.


      Here is the debug FileZilla trace:



      Status: Connecting to 192.168.20.68:21...
      Status: Connection established, waiting for welcome message...
      Trace: CFtpControlSocket::OnReceive()
      Response: 220 (vsFTPd 3.0.2)
      Trace: CFtpControlSocket::SendNextCommand()
      Command: AUTH TLS
      Trace: CFtpControlSocket::OnReceive()
      Response: 234 Proceed with negotiation.
      Status: Initializing TLS...
      Trace: CTlsSocket::Handshake()
      Trace: CTlsSocket::ContinueHandshake()
      Trace: CTlsSocket::OnSend()
      Trace: CTlsSocket::OnRead()
      Trace: CTlsSocket::ContinueHandshake()
      Trace: CTlsSocket::OnRead()
      Trace: CTlsSocket::ContinueHandshake()
      Trace: CTlsSocket::OnRead()
      Trace: CTlsSocket::ContinueHandshake()
      Trace: TLS Handshake successful
      Trace: Protocol: TLS1.2, Key exchange: ECDHE-RSA, Cipher: AES-256-GCM, MAC: AEAD
      Status: Verifying certificate...
      Status: TLS connection established.
      Trace: CFtpControlSocket::SendNextCommand()
      Command: USER datamover
      Trace: CTlsSocket::OnRead()
      Trace: CFtpControlSocket::OnReceive()
      Response: 331 Please specify the password.
      Trace: CFtpControlSocket::SendNextCommand()
      Command: PASS *******
      Trace: CTlsSocket::OnRead()
      Trace: CTlsSocket::Failure(-15)
      Error: GnuTLS error -15: An unexpected TLS packet was received.
      Trace: CRealControlSocket::OnClose(106)
      Trace: CControlSocket::DoClose(64)
      Trace: CFtpControlSocket::ResetOperation(66)
      Trace: CControlSocket::ResetOperation(66)
      Error: Could not connect to server


      The error is always right after the password check.



      I know the problem IS NOT SELinux, as I disabled that. The problem is also not the firewall, as I tried disabling the Firewall Daemon (firewalld).



      Here is the relevant portion of the /etc/vsftpd/vsftpd.conf file.



      listen=YES
      listen_ipv6=NO
      pasv_enable=YES
      pasv_max_port=10100
      pasv_min_port=10090
      pasv_address=192.168.20.88

      ssl_enable=YES
      allow_anon_ssl=NO
      force_local_data_ssl=YES
      force_local_logins_ssl=YES
      ssl_tlsv1=YES
      ssl_sslv2=NO
      ssl_sslv3=NO
      ssl_ciphers=HIGH
      require_ssl_reuse=NO

      rsa_cert_file=/etc/ssl/private/vsftpd.pem
      rsa_private_key_file=/etc/ssl/private/vsftpd.pem


      I did a Google search but did not see any 15 error codes.



      Thoughts?







      centos ftp vsftpd filezilla gnutls






      share|improve this question













      share|improve this question











      share|improve this question




      share|improve this question










      asked Mar 17 '16 at 22:09









      Sarah Weinberger

      3824818




      3824818




















          5 Answers
          5






          active

          oldest

          votes

















          up vote
          4
          down vote













          I had same error after PASS command in CENTOS 7. (GnuTLS error -15: An unexpected TLS packet was received.)



          My solution is following:



          I had to add following to vsftpd.conf:



          allow_writeable_chroot=YES

          chroot_local_user=YES
          local_root=/ftphome/$USER
          user_sub_token=$USER





          share|improve this answer




















          • Thank you, for my file /etc/vsftpd.conf i add : user_sub_token=$USER and now not have the GNUTLS error -15 Right now i get another error : The data connection could not be established: ECONNREFUSED - Connection refused by server
            – inukaze
            Feb 20 '17 at 6:15






          • 1




            i solved on my file /etc/vsftpd.conf, i put the same value for "listen_address=192.168.1.2" & "pasv_address=192.168.1.2" i add this last and works i need it :D
            – inukaze
            Feb 20 '17 at 6:24

















          up vote
          3
          down vote



          accepted










          I am posting this answer in hopes that it might help someone in the future, possibly me, as I suffered solving this problem.



          I did not have local_root in the /etc/vsftpd/vsftpd.conf file set properly. The setting pointed to a folder, which did not exist.



          What through me was that I saw the failure on the password command in FileZilla, so I thought that it did not like the password. What got me thinking in the right direction was that I took the time to research why I was not receiving detailed logs. I received no logs. Once I started receiving debug logs, where I saw the FTP protocols, I saw that the FTP server said OK to the password. Sadly, there was no logging of any kind, but I came across the thought that negotiating the local root would be the next course of action after authenticating the password. I was right and that led me to the problem.



          Here is the code fragment in the /etc/vsftpd/vsftpd.conf file, containing the local root.



          # You may specify an explicit list of local users to chroot() to their home
          # directory. If chroot_local_user is YES, then this list becomes a list of
          # users to NOT chroot().
          # (Warning! chroot'ing can be very dangerous. If using chroot, make sure that
          # the user does not have write access to the top level directory within the
          # chroot)
          chroot_local_user=YES
          #local_root=/mnt/raid1
          local_root=/ftproot
          #chroot_list_enable=YES
          # (default follows)
          #chroot_list_file=/etc/vsftpd/chroot_list


          Here is how I finally turned on verbose logging, though I will turn that off now to conserve disk space and improve performance.



          # Activate logging of uploads/downloads.
          xferlog_enable=YES
          #
          # If you want, you can have your log file in standard ftpd xferlog format.
          # Note that the default log file location is /var/log/xferlog in this case.
          xferlog_std_format=NO
          log_ftp_protocol=YES
          #
          # Activate logging of uploads/downloads.
          xferlog_enable=YES


          IMHO, I would consider the comment a bug, as xferlog_enable is more than the actual upload and download of files. This property also turns on logging. A Google research proves that log_ftp_protocol=YES requires xferlog_enable=YES.






          share|improve this answer




















          • Just ran into the same trap due to a misspelling. Setting a valid local_root directory solved the issue.
            – Johano Fierra
            Dec 20 '17 at 16:47

















          up vote
          1
          down vote













          I faced exact same error(Error: GnuTLS error -15: An unexpected TLS packet was received.) and banged my head for like an hour but then i figured out that ftp users home directory which was on Gluster volume was not mounted. Mounted Gluster volume and issue resolved.






          share|improve this answer



























            up vote
            0
            down vote













            You need to allow writeable chroot in your configuration file:



            sudo nano /etc/vsftpd.conf


            Then add this line at the bottom:



            allow_writeable_chroot=YES


            And, restart the service:



            sudo service vsftpd restart





            share|improve this answer



























              up vote
              0
              down vote













              Weirdly for me this issue cropped up when trying to ls after logging in.



              It turned out to be that I had uninstalled httpd in favour of nginx and the folder I was using was owned apache:apache and the user got removed when I removed httpd.
              I chcon'd the directories to nginx:nginx and then replaced the user in these lines in my config file:

              guest_username=nginx
              nopriv_user=nginx



              Hopefully this helps someone out there because the error messages weren't helpful at all.






              share|improve this answer




















                Your Answer








                StackExchange.ready(function()
                var channelOptions =
                tags: "".split(" "),
                id: "106"
                ;
                initTagRenderer("".split(" "), "".split(" "), channelOptions);

                StackExchange.using("externalEditor", function()
                // Have to fire editor after snippets, if snippets enabled
                if (StackExchange.settings.snippets.snippetsEnabled)
                StackExchange.using("snippets", function()
                createEditor();
                );

                else
                createEditor();

                );

                function createEditor()
                StackExchange.prepareEditor(
                heartbeatType: 'answer',
                convertImagesToLinks: false,
                noModals: true,
                showLowRepImageUploadWarning: true,
                reputationToPostImages: null,
                bindNavPrevention: true,
                postfix: "",
                imageUploader:
                brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
                contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
                allowUrls: true
                ,
                onDemand: true,
                discardSelector: ".discard-answer"
                ,immediatelyShowMarkdownHelp:true
                );



                );













                 

                draft saved


                draft discarded


















                StackExchange.ready(
                function ()
                StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f270539%2fvsftpd-filezilla-gnutls-error-15-unexpected-tls-packet-was-received%23new-answer', 'question_page');

                );

                Post as a guest















                Required, but never shown

























                5 Answers
                5






                active

                oldest

                votes








                5 Answers
                5






                active

                oldest

                votes









                active

                oldest

                votes






                active

                oldest

                votes








                up vote
                4
                down vote













                I had same error after PASS command in CENTOS 7. (GnuTLS error -15: An unexpected TLS packet was received.)



                My solution is following:



                I had to add following to vsftpd.conf:



                allow_writeable_chroot=YES

                chroot_local_user=YES
                local_root=/ftphome/$USER
                user_sub_token=$USER





                share|improve this answer




















                • Thank you, for my file /etc/vsftpd.conf i add : user_sub_token=$USER and now not have the GNUTLS error -15 Right now i get another error : The data connection could not be established: ECONNREFUSED - Connection refused by server
                  – inukaze
                  Feb 20 '17 at 6:15






                • 1




                  i solved on my file /etc/vsftpd.conf, i put the same value for "listen_address=192.168.1.2" & "pasv_address=192.168.1.2" i add this last and works i need it :D
                  – inukaze
                  Feb 20 '17 at 6:24














                up vote
                4
                down vote













                I had same error after PASS command in CENTOS 7. (GnuTLS error -15: An unexpected TLS packet was received.)



                My solution is following:



                I had to add following to vsftpd.conf:



                allow_writeable_chroot=YES

                chroot_local_user=YES
                local_root=/ftphome/$USER
                user_sub_token=$USER





                share|improve this answer




















                • Thank you, for my file /etc/vsftpd.conf i add : user_sub_token=$USER and now not have the GNUTLS error -15 Right now i get another error : The data connection could not be established: ECONNREFUSED - Connection refused by server
                  – inukaze
                  Feb 20 '17 at 6:15






                • 1




                  i solved on my file /etc/vsftpd.conf, i put the same value for "listen_address=192.168.1.2" & "pasv_address=192.168.1.2" i add this last and works i need it :D
                  – inukaze
                  Feb 20 '17 at 6:24












                up vote
                4
                down vote










                up vote
                4
                down vote









                I had same error after PASS command in CENTOS 7. (GnuTLS error -15: An unexpected TLS packet was received.)



                My solution is following:



                I had to add following to vsftpd.conf:



                allow_writeable_chroot=YES

                chroot_local_user=YES
                local_root=/ftphome/$USER
                user_sub_token=$USER





                share|improve this answer












                I had same error after PASS command in CENTOS 7. (GnuTLS error -15: An unexpected TLS packet was received.)



                My solution is following:



                I had to add following to vsftpd.conf:



                allow_writeable_chroot=YES

                chroot_local_user=YES
                local_root=/ftphome/$USER
                user_sub_token=$USER






                share|improve this answer












                share|improve this answer



                share|improve this answer










                answered Aug 15 '16 at 13:23









                Gyan

                412




                412











                • Thank you, for my file /etc/vsftpd.conf i add : user_sub_token=$USER and now not have the GNUTLS error -15 Right now i get another error : The data connection could not be established: ECONNREFUSED - Connection refused by server
                  – inukaze
                  Feb 20 '17 at 6:15






                • 1




                  i solved on my file /etc/vsftpd.conf, i put the same value for "listen_address=192.168.1.2" & "pasv_address=192.168.1.2" i add this last and works i need it :D
                  – inukaze
                  Feb 20 '17 at 6:24
















                • Thank you, for my file /etc/vsftpd.conf i add : user_sub_token=$USER and now not have the GNUTLS error -15 Right now i get another error : The data connection could not be established: ECONNREFUSED - Connection refused by server
                  – inukaze
                  Feb 20 '17 at 6:15






                • 1




                  i solved on my file /etc/vsftpd.conf, i put the same value for "listen_address=192.168.1.2" & "pasv_address=192.168.1.2" i add this last and works i need it :D
                  – inukaze
                  Feb 20 '17 at 6:24















                Thank you, for my file /etc/vsftpd.conf i add : user_sub_token=$USER and now not have the GNUTLS error -15 Right now i get another error : The data connection could not be established: ECONNREFUSED - Connection refused by server
                – inukaze
                Feb 20 '17 at 6:15




                Thank you, for my file /etc/vsftpd.conf i add : user_sub_token=$USER and now not have the GNUTLS error -15 Right now i get another error : The data connection could not be established: ECONNREFUSED - Connection refused by server
                – inukaze
                Feb 20 '17 at 6:15




                1




                1




                i solved on my file /etc/vsftpd.conf, i put the same value for "listen_address=192.168.1.2" & "pasv_address=192.168.1.2" i add this last and works i need it :D
                – inukaze
                Feb 20 '17 at 6:24




                i solved on my file /etc/vsftpd.conf, i put the same value for "listen_address=192.168.1.2" & "pasv_address=192.168.1.2" i add this last and works i need it :D
                – inukaze
                Feb 20 '17 at 6:24












                up vote
                3
                down vote



                accepted










                I am posting this answer in hopes that it might help someone in the future, possibly me, as I suffered solving this problem.



                I did not have local_root in the /etc/vsftpd/vsftpd.conf file set properly. The setting pointed to a folder, which did not exist.



                What through me was that I saw the failure on the password command in FileZilla, so I thought that it did not like the password. What got me thinking in the right direction was that I took the time to research why I was not receiving detailed logs. I received no logs. Once I started receiving debug logs, where I saw the FTP protocols, I saw that the FTP server said OK to the password. Sadly, there was no logging of any kind, but I came across the thought that negotiating the local root would be the next course of action after authenticating the password. I was right and that led me to the problem.



                Here is the code fragment in the /etc/vsftpd/vsftpd.conf file, containing the local root.



                # You may specify an explicit list of local users to chroot() to their home
                # directory. If chroot_local_user is YES, then this list becomes a list of
                # users to NOT chroot().
                # (Warning! chroot'ing can be very dangerous. If using chroot, make sure that
                # the user does not have write access to the top level directory within the
                # chroot)
                chroot_local_user=YES
                #local_root=/mnt/raid1
                local_root=/ftproot
                #chroot_list_enable=YES
                # (default follows)
                #chroot_list_file=/etc/vsftpd/chroot_list


                Here is how I finally turned on verbose logging, though I will turn that off now to conserve disk space and improve performance.



                # Activate logging of uploads/downloads.
                xferlog_enable=YES
                #
                # If you want, you can have your log file in standard ftpd xferlog format.
                # Note that the default log file location is /var/log/xferlog in this case.
                xferlog_std_format=NO
                log_ftp_protocol=YES
                #
                # Activate logging of uploads/downloads.
                xferlog_enable=YES


                IMHO, I would consider the comment a bug, as xferlog_enable is more than the actual upload and download of files. This property also turns on logging. A Google research proves that log_ftp_protocol=YES requires xferlog_enable=YES.






                share|improve this answer




















                • Just ran into the same trap due to a misspelling. Setting a valid local_root directory solved the issue.
                  – Johano Fierra
                  Dec 20 '17 at 16:47














                up vote
                3
                down vote



                accepted










                I am posting this answer in hopes that it might help someone in the future, possibly me, as I suffered solving this problem.



                I did not have local_root in the /etc/vsftpd/vsftpd.conf file set properly. The setting pointed to a folder, which did not exist.



                What through me was that I saw the failure on the password command in FileZilla, so I thought that it did not like the password. What got me thinking in the right direction was that I took the time to research why I was not receiving detailed logs. I received no logs. Once I started receiving debug logs, where I saw the FTP protocols, I saw that the FTP server said OK to the password. Sadly, there was no logging of any kind, but I came across the thought that negotiating the local root would be the next course of action after authenticating the password. I was right and that led me to the problem.



                Here is the code fragment in the /etc/vsftpd/vsftpd.conf file, containing the local root.



                # You may specify an explicit list of local users to chroot() to their home
                # directory. If chroot_local_user is YES, then this list becomes a list of
                # users to NOT chroot().
                # (Warning! chroot'ing can be very dangerous. If using chroot, make sure that
                # the user does not have write access to the top level directory within the
                # chroot)
                chroot_local_user=YES
                #local_root=/mnt/raid1
                local_root=/ftproot
                #chroot_list_enable=YES
                # (default follows)
                #chroot_list_file=/etc/vsftpd/chroot_list


                Here is how I finally turned on verbose logging, though I will turn that off now to conserve disk space and improve performance.



                # Activate logging of uploads/downloads.
                xferlog_enable=YES
                #
                # If you want, you can have your log file in standard ftpd xferlog format.
                # Note that the default log file location is /var/log/xferlog in this case.
                xferlog_std_format=NO
                log_ftp_protocol=YES
                #
                # Activate logging of uploads/downloads.
                xferlog_enable=YES


                IMHO, I would consider the comment a bug, as xferlog_enable is more than the actual upload and download of files. This property also turns on logging. A Google research proves that log_ftp_protocol=YES requires xferlog_enable=YES.






                share|improve this answer




















                • Just ran into the same trap due to a misspelling. Setting a valid local_root directory solved the issue.
                  – Johano Fierra
                  Dec 20 '17 at 16:47












                up vote
                3
                down vote



                accepted







                up vote
                3
                down vote



                accepted






                I am posting this answer in hopes that it might help someone in the future, possibly me, as I suffered solving this problem.



                I did not have local_root in the /etc/vsftpd/vsftpd.conf file set properly. The setting pointed to a folder, which did not exist.



                What through me was that I saw the failure on the password command in FileZilla, so I thought that it did not like the password. What got me thinking in the right direction was that I took the time to research why I was not receiving detailed logs. I received no logs. Once I started receiving debug logs, where I saw the FTP protocols, I saw that the FTP server said OK to the password. Sadly, there was no logging of any kind, but I came across the thought that negotiating the local root would be the next course of action after authenticating the password. I was right and that led me to the problem.



                Here is the code fragment in the /etc/vsftpd/vsftpd.conf file, containing the local root.



                # You may specify an explicit list of local users to chroot() to their home
                # directory. If chroot_local_user is YES, then this list becomes a list of
                # users to NOT chroot().
                # (Warning! chroot'ing can be very dangerous. If using chroot, make sure that
                # the user does not have write access to the top level directory within the
                # chroot)
                chroot_local_user=YES
                #local_root=/mnt/raid1
                local_root=/ftproot
                #chroot_list_enable=YES
                # (default follows)
                #chroot_list_file=/etc/vsftpd/chroot_list


                Here is how I finally turned on verbose logging, though I will turn that off now to conserve disk space and improve performance.



                # Activate logging of uploads/downloads.
                xferlog_enable=YES
                #
                # If you want, you can have your log file in standard ftpd xferlog format.
                # Note that the default log file location is /var/log/xferlog in this case.
                xferlog_std_format=NO
                log_ftp_protocol=YES
                #
                # Activate logging of uploads/downloads.
                xferlog_enable=YES


                IMHO, I would consider the comment a bug, as xferlog_enable is more than the actual upload and download of files. This property also turns on logging. A Google research proves that log_ftp_protocol=YES requires xferlog_enable=YES.






                share|improve this answer












                I am posting this answer in hopes that it might help someone in the future, possibly me, as I suffered solving this problem.



                I did not have local_root in the /etc/vsftpd/vsftpd.conf file set properly. The setting pointed to a folder, which did not exist.



                What through me was that I saw the failure on the password command in FileZilla, so I thought that it did not like the password. What got me thinking in the right direction was that I took the time to research why I was not receiving detailed logs. I received no logs. Once I started receiving debug logs, where I saw the FTP protocols, I saw that the FTP server said OK to the password. Sadly, there was no logging of any kind, but I came across the thought that negotiating the local root would be the next course of action after authenticating the password. I was right and that led me to the problem.



                Here is the code fragment in the /etc/vsftpd/vsftpd.conf file, containing the local root.



                # You may specify an explicit list of local users to chroot() to their home
                # directory. If chroot_local_user is YES, then this list becomes a list of
                # users to NOT chroot().
                # (Warning! chroot'ing can be very dangerous. If using chroot, make sure that
                # the user does not have write access to the top level directory within the
                # chroot)
                chroot_local_user=YES
                #local_root=/mnt/raid1
                local_root=/ftproot
                #chroot_list_enable=YES
                # (default follows)
                #chroot_list_file=/etc/vsftpd/chroot_list


                Here is how I finally turned on verbose logging, though I will turn that off now to conserve disk space and improve performance.



                # Activate logging of uploads/downloads.
                xferlog_enable=YES
                #
                # If you want, you can have your log file in standard ftpd xferlog format.
                # Note that the default log file location is /var/log/xferlog in this case.
                xferlog_std_format=NO
                log_ftp_protocol=YES
                #
                # Activate logging of uploads/downloads.
                xferlog_enable=YES


                IMHO, I would consider the comment a bug, as xferlog_enable is more than the actual upload and download of files. This property also turns on logging. A Google research proves that log_ftp_protocol=YES requires xferlog_enable=YES.







                share|improve this answer












                share|improve this answer



                share|improve this answer










                answered Mar 18 '16 at 16:56









                Sarah Weinberger

                3824818




                3824818











                • Just ran into the same trap due to a misspelling. Setting a valid local_root directory solved the issue.
                  – Johano Fierra
                  Dec 20 '17 at 16:47
















                • Just ran into the same trap due to a misspelling. Setting a valid local_root directory solved the issue.
                  – Johano Fierra
                  Dec 20 '17 at 16:47















                Just ran into the same trap due to a misspelling. Setting a valid local_root directory solved the issue.
                – Johano Fierra
                Dec 20 '17 at 16:47




                Just ran into the same trap due to a misspelling. Setting a valid local_root directory solved the issue.
                – Johano Fierra
                Dec 20 '17 at 16:47










                up vote
                1
                down vote













                I faced exact same error(Error: GnuTLS error -15: An unexpected TLS packet was received.) and banged my head for like an hour but then i figured out that ftp users home directory which was on Gluster volume was not mounted. Mounted Gluster volume and issue resolved.






                share|improve this answer
























                  up vote
                  1
                  down vote













                  I faced exact same error(Error: GnuTLS error -15: An unexpected TLS packet was received.) and banged my head for like an hour but then i figured out that ftp users home directory which was on Gluster volume was not mounted. Mounted Gluster volume and issue resolved.






                  share|improve this answer






















                    up vote
                    1
                    down vote










                    up vote
                    1
                    down vote









                    I faced exact same error(Error: GnuTLS error -15: An unexpected TLS packet was received.) and banged my head for like an hour but then i figured out that ftp users home directory which was on Gluster volume was not mounted. Mounted Gluster volume and issue resolved.






                    share|improve this answer












                    I faced exact same error(Error: GnuTLS error -15: An unexpected TLS packet was received.) and banged my head for like an hour but then i figured out that ftp users home directory which was on Gluster volume was not mounted. Mounted Gluster volume and issue resolved.







                    share|improve this answer












                    share|improve this answer



                    share|improve this answer










                    answered Sep 13 '16 at 18:03









                    xs2rashid

                    111




                    111




















                        up vote
                        0
                        down vote













                        You need to allow writeable chroot in your configuration file:



                        sudo nano /etc/vsftpd.conf


                        Then add this line at the bottom:



                        allow_writeable_chroot=YES


                        And, restart the service:



                        sudo service vsftpd restart





                        share|improve this answer
























                          up vote
                          0
                          down vote













                          You need to allow writeable chroot in your configuration file:



                          sudo nano /etc/vsftpd.conf


                          Then add this line at the bottom:



                          allow_writeable_chroot=YES


                          And, restart the service:



                          sudo service vsftpd restart





                          share|improve this answer






















                            up vote
                            0
                            down vote










                            up vote
                            0
                            down vote









                            You need to allow writeable chroot in your configuration file:



                            sudo nano /etc/vsftpd.conf


                            Then add this line at the bottom:



                            allow_writeable_chroot=YES


                            And, restart the service:



                            sudo service vsftpd restart





                            share|improve this answer












                            You need to allow writeable chroot in your configuration file:



                            sudo nano /etc/vsftpd.conf


                            Then add this line at the bottom:



                            allow_writeable_chroot=YES


                            And, restart the service:



                            sudo service vsftpd restart






                            share|improve this answer












                            share|improve this answer



                            share|improve this answer










                            answered Jan 25 at 11:39









                            Ndianabasi

                            1




                            1




















                                up vote
                                0
                                down vote













                                Weirdly for me this issue cropped up when trying to ls after logging in.



                                It turned out to be that I had uninstalled httpd in favour of nginx and the folder I was using was owned apache:apache and the user got removed when I removed httpd.
                                I chcon'd the directories to nginx:nginx and then replaced the user in these lines in my config file:

                                guest_username=nginx
                                nopriv_user=nginx



                                Hopefully this helps someone out there because the error messages weren't helpful at all.






                                share|improve this answer
























                                  up vote
                                  0
                                  down vote













                                  Weirdly for me this issue cropped up when trying to ls after logging in.



                                  It turned out to be that I had uninstalled httpd in favour of nginx and the folder I was using was owned apache:apache and the user got removed when I removed httpd.
                                  I chcon'd the directories to nginx:nginx and then replaced the user in these lines in my config file:

                                  guest_username=nginx
                                  nopriv_user=nginx



                                  Hopefully this helps someone out there because the error messages weren't helpful at all.






                                  share|improve this answer






















                                    up vote
                                    0
                                    down vote










                                    up vote
                                    0
                                    down vote









                                    Weirdly for me this issue cropped up when trying to ls after logging in.



                                    It turned out to be that I had uninstalled httpd in favour of nginx and the folder I was using was owned apache:apache and the user got removed when I removed httpd.
                                    I chcon'd the directories to nginx:nginx and then replaced the user in these lines in my config file:

                                    guest_username=nginx
                                    nopriv_user=nginx



                                    Hopefully this helps someone out there because the error messages weren't helpful at all.






                                    share|improve this answer












                                    Weirdly for me this issue cropped up when trying to ls after logging in.



                                    It turned out to be that I had uninstalled httpd in favour of nginx and the folder I was using was owned apache:apache and the user got removed when I removed httpd.
                                    I chcon'd the directories to nginx:nginx and then replaced the user in these lines in my config file:

                                    guest_username=nginx
                                    nopriv_user=nginx



                                    Hopefully this helps someone out there because the error messages weren't helpful at all.







                                    share|improve this answer












                                    share|improve this answer



                                    share|improve this answer










                                    answered yesterday









                                    Elven Spellmaker

                                    12




                                    12



























                                         

                                        draft saved


                                        draft discarded















































                                         


                                        draft saved


                                        draft discarded














                                        StackExchange.ready(
                                        function ()
                                        StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f270539%2fvsftpd-filezilla-gnutls-error-15-unexpected-tls-packet-was-received%23new-answer', 'question_page');

                                        );

                                        Post as a guest















                                        Required, but never shown





















































                                        Required, but never shown














                                        Required, but never shown












                                        Required, but never shown







                                        Required, but never shown

































                                        Required, but never shown














                                        Required, but never shown












                                        Required, but never shown







                                        Required, but never shown






                                        Popular posts from this blog

                                        How to check contact read email or not when send email to Individual?

                                        Displaying single band from multi-band raster using QGIS

                                        How many registers does an x86_64 CPU actually have?