VSFTPD FileZilla GnuTLS error -15 (unexpected TLS packet was received)
Clash Royale CLAN TAG#URR8PPP
up vote
3
down vote
favorite
I set up two new CentOS 7 boxes simultaneously, so the configurations should be identical, just different ip addresses and host names.
I installed VSFTPD and configured for passive ports. One box connects fine, no issues, however the second box continuously throws me this error:
GnuTLS error -15: An unexpected TLS packet was received.
Here is the debug FileZilla trace:
Status: Connecting to 192.168.20.68:21...
Status: Connection established, waiting for welcome message...
Trace: CFtpControlSocket::OnReceive()
Response: 220 (vsFTPd 3.0.2)
Trace: CFtpControlSocket::SendNextCommand()
Command: AUTH TLS
Trace: CFtpControlSocket::OnReceive()
Response: 234 Proceed with negotiation.
Status: Initializing TLS...
Trace: CTlsSocket::Handshake()
Trace: CTlsSocket::ContinueHandshake()
Trace: CTlsSocket::OnSend()
Trace: CTlsSocket::OnRead()
Trace: CTlsSocket::ContinueHandshake()
Trace: CTlsSocket::OnRead()
Trace: CTlsSocket::ContinueHandshake()
Trace: CTlsSocket::OnRead()
Trace: CTlsSocket::ContinueHandshake()
Trace: TLS Handshake successful
Trace: Protocol: TLS1.2, Key exchange: ECDHE-RSA, Cipher: AES-256-GCM, MAC: AEAD
Status: Verifying certificate...
Status: TLS connection established.
Trace: CFtpControlSocket::SendNextCommand()
Command: USER datamover
Trace: CTlsSocket::OnRead()
Trace: CFtpControlSocket::OnReceive()
Response: 331 Please specify the password.
Trace: CFtpControlSocket::SendNextCommand()
Command: PASS *******
Trace: CTlsSocket::OnRead()
Trace: CTlsSocket::Failure(-15)
Error: GnuTLS error -15: An unexpected TLS packet was received.
Trace: CRealControlSocket::OnClose(106)
Trace: CControlSocket::DoClose(64)
Trace: CFtpControlSocket::ResetOperation(66)
Trace: CControlSocket::ResetOperation(66)
Error: Could not connect to server
The error is always right after the password check.
I know the problem IS NOT SELinux, as I disabled that. The problem is also not the firewall, as I tried disabling the Firewall Daemon (firewalld).
Here is the relevant portion of the /etc/vsftpd/vsftpd.conf file.
listen=YES
listen_ipv6=NO
pasv_enable=YES
pasv_max_port=10100
pasv_min_port=10090
pasv_address=192.168.20.88
ssl_enable=YES
allow_anon_ssl=NO
force_local_data_ssl=YES
force_local_logins_ssl=YES
ssl_tlsv1=YES
ssl_sslv2=NO
ssl_sslv3=NO
ssl_ciphers=HIGH
require_ssl_reuse=NO
rsa_cert_file=/etc/ssl/private/vsftpd.pem
rsa_private_key_file=/etc/ssl/private/vsftpd.pem
I did a Google search but did not see any 15 error codes.
Thoughts?
centos ftp vsftpd filezilla gnutls
add a comment |
up vote
3
down vote
favorite
I set up two new CentOS 7 boxes simultaneously, so the configurations should be identical, just different ip addresses and host names.
I installed VSFTPD and configured for passive ports. One box connects fine, no issues, however the second box continuously throws me this error:
GnuTLS error -15: An unexpected TLS packet was received.
Here is the debug FileZilla trace:
Status: Connecting to 192.168.20.68:21...
Status: Connection established, waiting for welcome message...
Trace: CFtpControlSocket::OnReceive()
Response: 220 (vsFTPd 3.0.2)
Trace: CFtpControlSocket::SendNextCommand()
Command: AUTH TLS
Trace: CFtpControlSocket::OnReceive()
Response: 234 Proceed with negotiation.
Status: Initializing TLS...
Trace: CTlsSocket::Handshake()
Trace: CTlsSocket::ContinueHandshake()
Trace: CTlsSocket::OnSend()
Trace: CTlsSocket::OnRead()
Trace: CTlsSocket::ContinueHandshake()
Trace: CTlsSocket::OnRead()
Trace: CTlsSocket::ContinueHandshake()
Trace: CTlsSocket::OnRead()
Trace: CTlsSocket::ContinueHandshake()
Trace: TLS Handshake successful
Trace: Protocol: TLS1.2, Key exchange: ECDHE-RSA, Cipher: AES-256-GCM, MAC: AEAD
Status: Verifying certificate...
Status: TLS connection established.
Trace: CFtpControlSocket::SendNextCommand()
Command: USER datamover
Trace: CTlsSocket::OnRead()
Trace: CFtpControlSocket::OnReceive()
Response: 331 Please specify the password.
Trace: CFtpControlSocket::SendNextCommand()
Command: PASS *******
Trace: CTlsSocket::OnRead()
Trace: CTlsSocket::Failure(-15)
Error: GnuTLS error -15: An unexpected TLS packet was received.
Trace: CRealControlSocket::OnClose(106)
Trace: CControlSocket::DoClose(64)
Trace: CFtpControlSocket::ResetOperation(66)
Trace: CControlSocket::ResetOperation(66)
Error: Could not connect to server
The error is always right after the password check.
I know the problem IS NOT SELinux, as I disabled that. The problem is also not the firewall, as I tried disabling the Firewall Daemon (firewalld).
Here is the relevant portion of the /etc/vsftpd/vsftpd.conf file.
listen=YES
listen_ipv6=NO
pasv_enable=YES
pasv_max_port=10100
pasv_min_port=10090
pasv_address=192.168.20.88
ssl_enable=YES
allow_anon_ssl=NO
force_local_data_ssl=YES
force_local_logins_ssl=YES
ssl_tlsv1=YES
ssl_sslv2=NO
ssl_sslv3=NO
ssl_ciphers=HIGH
require_ssl_reuse=NO
rsa_cert_file=/etc/ssl/private/vsftpd.pem
rsa_private_key_file=/etc/ssl/private/vsftpd.pem
I did a Google search but did not see any 15 error codes.
Thoughts?
centos ftp vsftpd filezilla gnutls
add a comment |
up vote
3
down vote
favorite
up vote
3
down vote
favorite
I set up two new CentOS 7 boxes simultaneously, so the configurations should be identical, just different ip addresses and host names.
I installed VSFTPD and configured for passive ports. One box connects fine, no issues, however the second box continuously throws me this error:
GnuTLS error -15: An unexpected TLS packet was received.
Here is the debug FileZilla trace:
Status: Connecting to 192.168.20.68:21...
Status: Connection established, waiting for welcome message...
Trace: CFtpControlSocket::OnReceive()
Response: 220 (vsFTPd 3.0.2)
Trace: CFtpControlSocket::SendNextCommand()
Command: AUTH TLS
Trace: CFtpControlSocket::OnReceive()
Response: 234 Proceed with negotiation.
Status: Initializing TLS...
Trace: CTlsSocket::Handshake()
Trace: CTlsSocket::ContinueHandshake()
Trace: CTlsSocket::OnSend()
Trace: CTlsSocket::OnRead()
Trace: CTlsSocket::ContinueHandshake()
Trace: CTlsSocket::OnRead()
Trace: CTlsSocket::ContinueHandshake()
Trace: CTlsSocket::OnRead()
Trace: CTlsSocket::ContinueHandshake()
Trace: TLS Handshake successful
Trace: Protocol: TLS1.2, Key exchange: ECDHE-RSA, Cipher: AES-256-GCM, MAC: AEAD
Status: Verifying certificate...
Status: TLS connection established.
Trace: CFtpControlSocket::SendNextCommand()
Command: USER datamover
Trace: CTlsSocket::OnRead()
Trace: CFtpControlSocket::OnReceive()
Response: 331 Please specify the password.
Trace: CFtpControlSocket::SendNextCommand()
Command: PASS *******
Trace: CTlsSocket::OnRead()
Trace: CTlsSocket::Failure(-15)
Error: GnuTLS error -15: An unexpected TLS packet was received.
Trace: CRealControlSocket::OnClose(106)
Trace: CControlSocket::DoClose(64)
Trace: CFtpControlSocket::ResetOperation(66)
Trace: CControlSocket::ResetOperation(66)
Error: Could not connect to server
The error is always right after the password check.
I know the problem IS NOT SELinux, as I disabled that. The problem is also not the firewall, as I tried disabling the Firewall Daemon (firewalld).
Here is the relevant portion of the /etc/vsftpd/vsftpd.conf file.
listen=YES
listen_ipv6=NO
pasv_enable=YES
pasv_max_port=10100
pasv_min_port=10090
pasv_address=192.168.20.88
ssl_enable=YES
allow_anon_ssl=NO
force_local_data_ssl=YES
force_local_logins_ssl=YES
ssl_tlsv1=YES
ssl_sslv2=NO
ssl_sslv3=NO
ssl_ciphers=HIGH
require_ssl_reuse=NO
rsa_cert_file=/etc/ssl/private/vsftpd.pem
rsa_private_key_file=/etc/ssl/private/vsftpd.pem
I did a Google search but did not see any 15 error codes.
Thoughts?
centos ftp vsftpd filezilla gnutls
I set up two new CentOS 7 boxes simultaneously, so the configurations should be identical, just different ip addresses and host names.
I installed VSFTPD and configured for passive ports. One box connects fine, no issues, however the second box continuously throws me this error:
GnuTLS error -15: An unexpected TLS packet was received.
Here is the debug FileZilla trace:
Status: Connecting to 192.168.20.68:21...
Status: Connection established, waiting for welcome message...
Trace: CFtpControlSocket::OnReceive()
Response: 220 (vsFTPd 3.0.2)
Trace: CFtpControlSocket::SendNextCommand()
Command: AUTH TLS
Trace: CFtpControlSocket::OnReceive()
Response: 234 Proceed with negotiation.
Status: Initializing TLS...
Trace: CTlsSocket::Handshake()
Trace: CTlsSocket::ContinueHandshake()
Trace: CTlsSocket::OnSend()
Trace: CTlsSocket::OnRead()
Trace: CTlsSocket::ContinueHandshake()
Trace: CTlsSocket::OnRead()
Trace: CTlsSocket::ContinueHandshake()
Trace: CTlsSocket::OnRead()
Trace: CTlsSocket::ContinueHandshake()
Trace: TLS Handshake successful
Trace: Protocol: TLS1.2, Key exchange: ECDHE-RSA, Cipher: AES-256-GCM, MAC: AEAD
Status: Verifying certificate...
Status: TLS connection established.
Trace: CFtpControlSocket::SendNextCommand()
Command: USER datamover
Trace: CTlsSocket::OnRead()
Trace: CFtpControlSocket::OnReceive()
Response: 331 Please specify the password.
Trace: CFtpControlSocket::SendNextCommand()
Command: PASS *******
Trace: CTlsSocket::OnRead()
Trace: CTlsSocket::Failure(-15)
Error: GnuTLS error -15: An unexpected TLS packet was received.
Trace: CRealControlSocket::OnClose(106)
Trace: CControlSocket::DoClose(64)
Trace: CFtpControlSocket::ResetOperation(66)
Trace: CControlSocket::ResetOperation(66)
Error: Could not connect to server
The error is always right after the password check.
I know the problem IS NOT SELinux, as I disabled that. The problem is also not the firewall, as I tried disabling the Firewall Daemon (firewalld).
Here is the relevant portion of the /etc/vsftpd/vsftpd.conf file.
listen=YES
listen_ipv6=NO
pasv_enable=YES
pasv_max_port=10100
pasv_min_port=10090
pasv_address=192.168.20.88
ssl_enable=YES
allow_anon_ssl=NO
force_local_data_ssl=YES
force_local_logins_ssl=YES
ssl_tlsv1=YES
ssl_sslv2=NO
ssl_sslv3=NO
ssl_ciphers=HIGH
require_ssl_reuse=NO
rsa_cert_file=/etc/ssl/private/vsftpd.pem
rsa_private_key_file=/etc/ssl/private/vsftpd.pem
I did a Google search but did not see any 15 error codes.
Thoughts?
centos ftp vsftpd filezilla gnutls
centos ftp vsftpd filezilla gnutls
asked Mar 17 '16 at 22:09
Sarah Weinberger
3824818
3824818
add a comment |
add a comment |
5 Answers
5
active
oldest
votes
up vote
4
down vote
I had same error after PASS command in CENTOS 7. (GnuTLS error -15: An unexpected TLS packet was received.)
My solution is following:
I had to add following to vsftpd.conf:
allow_writeable_chroot=YES
chroot_local_user=YES
local_root=/ftphome/$USER
user_sub_token=$USER
Thank you, for my file /etc/vsftpd.conf i add : user_sub_token=$USER and now not have the GNUTLS error -15 Right now i get another error : The data connection could not be established: ECONNREFUSED - Connection refused by server
– inukaze
Feb 20 '17 at 6:15
1
i solved on my file /etc/vsftpd.conf, i put the same value for "listen_address=192.168.1.2" & "pasv_address=192.168.1.2" i add this last and works i need it :D
– inukaze
Feb 20 '17 at 6:24
add a comment |
up vote
3
down vote
accepted
I am posting this answer in hopes that it might help someone in the future, possibly me, as I suffered solving this problem.
I did not have local_root
in the /etc/vsftpd/vsftpd.conf
file set properly. The setting pointed to a folder, which did not exist.
What through me was that I saw the failure on the password command in FileZilla, so I thought that it did not like the password. What got me thinking in the right direction was that I took the time to research why I was not receiving detailed logs. I received no logs. Once I started receiving debug logs, where I saw the FTP protocols, I saw that the FTP server said OK to the password. Sadly, there was no logging of any kind, but I came across the thought that negotiating the local root would be the next course of action after authenticating the password. I was right and that led me to the problem.
Here is the code fragment in the /etc/vsftpd/vsftpd.conf
file, containing the local root.
# You may specify an explicit list of local users to chroot() to their home
# directory. If chroot_local_user is YES, then this list becomes a list of
# users to NOT chroot().
# (Warning! chroot'ing can be very dangerous. If using chroot, make sure that
# the user does not have write access to the top level directory within the
# chroot)
chroot_local_user=YES
#local_root=/mnt/raid1
local_root=/ftproot
#chroot_list_enable=YES
# (default follows)
#chroot_list_file=/etc/vsftpd/chroot_list
Here is how I finally turned on verbose logging, though I will turn that off now to conserve disk space and improve performance.
# Activate logging of uploads/downloads.
xferlog_enable=YES
#
# If you want, you can have your log file in standard ftpd xferlog format.
# Note that the default log file location is /var/log/xferlog in this case.
xferlog_std_format=NO
log_ftp_protocol=YES
#
# Activate logging of uploads/downloads.
xferlog_enable=YES
IMHO, I would consider the comment a bug, as xferlog_enable is more than the actual upload and download of files. This property also turns on logging. A Google research proves that log_ftp_protocol=YES
requires xferlog_enable=YES
.
Just ran into the same trap due to a misspelling. Setting a valid local_root directory solved the issue.
– Johano Fierra
Dec 20 '17 at 16:47
add a comment |
up vote
1
down vote
I faced exact same error(Error: GnuTLS error -15: An unexpected TLS packet was received.) and banged my head for like an hour but then i figured out that ftp users home directory which was on Gluster volume was not mounted. Mounted Gluster volume and issue resolved.
add a comment |
up vote
0
down vote
You need to allow writeable chroot in your configuration file:
sudo nano /etc/vsftpd.conf
Then add this line at the bottom:
allow_writeable_chroot=YES
And, restart the service:
sudo service vsftpd restart
add a comment |
up vote
0
down vote
Weirdly for me this issue cropped up when trying to ls
after logging in.
It turned out to be that I had uninstalled httpd
in favour of nginx
and the folder I was using was owned apache:apache
and the user got removed when I removed httpd
.
I chcon
'd the directories to nginx:nginx
and then replaced the user in these lines in my config file:
guest_username=nginx
nopriv_user=nginx
Hopefully this helps someone out there because the error messages weren't helpful at all.
add a comment |
5 Answers
5
active
oldest
votes
5 Answers
5
active
oldest
votes
active
oldest
votes
active
oldest
votes
up vote
4
down vote
I had same error after PASS command in CENTOS 7. (GnuTLS error -15: An unexpected TLS packet was received.)
My solution is following:
I had to add following to vsftpd.conf:
allow_writeable_chroot=YES
chroot_local_user=YES
local_root=/ftphome/$USER
user_sub_token=$USER
Thank you, for my file /etc/vsftpd.conf i add : user_sub_token=$USER and now not have the GNUTLS error -15 Right now i get another error : The data connection could not be established: ECONNREFUSED - Connection refused by server
– inukaze
Feb 20 '17 at 6:15
1
i solved on my file /etc/vsftpd.conf, i put the same value for "listen_address=192.168.1.2" & "pasv_address=192.168.1.2" i add this last and works i need it :D
– inukaze
Feb 20 '17 at 6:24
add a comment |
up vote
4
down vote
I had same error after PASS command in CENTOS 7. (GnuTLS error -15: An unexpected TLS packet was received.)
My solution is following:
I had to add following to vsftpd.conf:
allow_writeable_chroot=YES
chroot_local_user=YES
local_root=/ftphome/$USER
user_sub_token=$USER
Thank you, for my file /etc/vsftpd.conf i add : user_sub_token=$USER and now not have the GNUTLS error -15 Right now i get another error : The data connection could not be established: ECONNREFUSED - Connection refused by server
– inukaze
Feb 20 '17 at 6:15
1
i solved on my file /etc/vsftpd.conf, i put the same value for "listen_address=192.168.1.2" & "pasv_address=192.168.1.2" i add this last and works i need it :D
– inukaze
Feb 20 '17 at 6:24
add a comment |
up vote
4
down vote
up vote
4
down vote
I had same error after PASS command in CENTOS 7. (GnuTLS error -15: An unexpected TLS packet was received.)
My solution is following:
I had to add following to vsftpd.conf:
allow_writeable_chroot=YES
chroot_local_user=YES
local_root=/ftphome/$USER
user_sub_token=$USER
I had same error after PASS command in CENTOS 7. (GnuTLS error -15: An unexpected TLS packet was received.)
My solution is following:
I had to add following to vsftpd.conf:
allow_writeable_chroot=YES
chroot_local_user=YES
local_root=/ftphome/$USER
user_sub_token=$USER
answered Aug 15 '16 at 13:23
Gyan
412
412
Thank you, for my file /etc/vsftpd.conf i add : user_sub_token=$USER and now not have the GNUTLS error -15 Right now i get another error : The data connection could not be established: ECONNREFUSED - Connection refused by server
– inukaze
Feb 20 '17 at 6:15
1
i solved on my file /etc/vsftpd.conf, i put the same value for "listen_address=192.168.1.2" & "pasv_address=192.168.1.2" i add this last and works i need it :D
– inukaze
Feb 20 '17 at 6:24
add a comment |
Thank you, for my file /etc/vsftpd.conf i add : user_sub_token=$USER and now not have the GNUTLS error -15 Right now i get another error : The data connection could not be established: ECONNREFUSED - Connection refused by server
– inukaze
Feb 20 '17 at 6:15
1
i solved on my file /etc/vsftpd.conf, i put the same value for "listen_address=192.168.1.2" & "pasv_address=192.168.1.2" i add this last and works i need it :D
– inukaze
Feb 20 '17 at 6:24
Thank you, for my file /etc/vsftpd.conf i add : user_sub_token=$USER and now not have the GNUTLS error -15 Right now i get another error : The data connection could not be established: ECONNREFUSED - Connection refused by server
– inukaze
Feb 20 '17 at 6:15
Thank you, for my file /etc/vsftpd.conf i add : user_sub_token=$USER and now not have the GNUTLS error -15 Right now i get another error : The data connection could not be established: ECONNREFUSED - Connection refused by server
– inukaze
Feb 20 '17 at 6:15
1
1
i solved on my file /etc/vsftpd.conf, i put the same value for "listen_address=192.168.1.2" & "pasv_address=192.168.1.2" i add this last and works i need it :D
– inukaze
Feb 20 '17 at 6:24
i solved on my file /etc/vsftpd.conf, i put the same value for "listen_address=192.168.1.2" & "pasv_address=192.168.1.2" i add this last and works i need it :D
– inukaze
Feb 20 '17 at 6:24
add a comment |
up vote
3
down vote
accepted
I am posting this answer in hopes that it might help someone in the future, possibly me, as I suffered solving this problem.
I did not have local_root
in the /etc/vsftpd/vsftpd.conf
file set properly. The setting pointed to a folder, which did not exist.
What through me was that I saw the failure on the password command in FileZilla, so I thought that it did not like the password. What got me thinking in the right direction was that I took the time to research why I was not receiving detailed logs. I received no logs. Once I started receiving debug logs, where I saw the FTP protocols, I saw that the FTP server said OK to the password. Sadly, there was no logging of any kind, but I came across the thought that negotiating the local root would be the next course of action after authenticating the password. I was right and that led me to the problem.
Here is the code fragment in the /etc/vsftpd/vsftpd.conf
file, containing the local root.
# You may specify an explicit list of local users to chroot() to their home
# directory. If chroot_local_user is YES, then this list becomes a list of
# users to NOT chroot().
# (Warning! chroot'ing can be very dangerous. If using chroot, make sure that
# the user does not have write access to the top level directory within the
# chroot)
chroot_local_user=YES
#local_root=/mnt/raid1
local_root=/ftproot
#chroot_list_enable=YES
# (default follows)
#chroot_list_file=/etc/vsftpd/chroot_list
Here is how I finally turned on verbose logging, though I will turn that off now to conserve disk space and improve performance.
# Activate logging of uploads/downloads.
xferlog_enable=YES
#
# If you want, you can have your log file in standard ftpd xferlog format.
# Note that the default log file location is /var/log/xferlog in this case.
xferlog_std_format=NO
log_ftp_protocol=YES
#
# Activate logging of uploads/downloads.
xferlog_enable=YES
IMHO, I would consider the comment a bug, as xferlog_enable is more than the actual upload and download of files. This property also turns on logging. A Google research proves that log_ftp_protocol=YES
requires xferlog_enable=YES
.
Just ran into the same trap due to a misspelling. Setting a valid local_root directory solved the issue.
– Johano Fierra
Dec 20 '17 at 16:47
add a comment |
up vote
3
down vote
accepted
I am posting this answer in hopes that it might help someone in the future, possibly me, as I suffered solving this problem.
I did not have local_root
in the /etc/vsftpd/vsftpd.conf
file set properly. The setting pointed to a folder, which did not exist.
What through me was that I saw the failure on the password command in FileZilla, so I thought that it did not like the password. What got me thinking in the right direction was that I took the time to research why I was not receiving detailed logs. I received no logs. Once I started receiving debug logs, where I saw the FTP protocols, I saw that the FTP server said OK to the password. Sadly, there was no logging of any kind, but I came across the thought that negotiating the local root would be the next course of action after authenticating the password. I was right and that led me to the problem.
Here is the code fragment in the /etc/vsftpd/vsftpd.conf
file, containing the local root.
# You may specify an explicit list of local users to chroot() to their home
# directory. If chroot_local_user is YES, then this list becomes a list of
# users to NOT chroot().
# (Warning! chroot'ing can be very dangerous. If using chroot, make sure that
# the user does not have write access to the top level directory within the
# chroot)
chroot_local_user=YES
#local_root=/mnt/raid1
local_root=/ftproot
#chroot_list_enable=YES
# (default follows)
#chroot_list_file=/etc/vsftpd/chroot_list
Here is how I finally turned on verbose logging, though I will turn that off now to conserve disk space and improve performance.
# Activate logging of uploads/downloads.
xferlog_enable=YES
#
# If you want, you can have your log file in standard ftpd xferlog format.
# Note that the default log file location is /var/log/xferlog in this case.
xferlog_std_format=NO
log_ftp_protocol=YES
#
# Activate logging of uploads/downloads.
xferlog_enable=YES
IMHO, I would consider the comment a bug, as xferlog_enable is more than the actual upload and download of files. This property also turns on logging. A Google research proves that log_ftp_protocol=YES
requires xferlog_enable=YES
.
Just ran into the same trap due to a misspelling. Setting a valid local_root directory solved the issue.
– Johano Fierra
Dec 20 '17 at 16:47
add a comment |
up vote
3
down vote
accepted
up vote
3
down vote
accepted
I am posting this answer in hopes that it might help someone in the future, possibly me, as I suffered solving this problem.
I did not have local_root
in the /etc/vsftpd/vsftpd.conf
file set properly. The setting pointed to a folder, which did not exist.
What through me was that I saw the failure on the password command in FileZilla, so I thought that it did not like the password. What got me thinking in the right direction was that I took the time to research why I was not receiving detailed logs. I received no logs. Once I started receiving debug logs, where I saw the FTP protocols, I saw that the FTP server said OK to the password. Sadly, there was no logging of any kind, but I came across the thought that negotiating the local root would be the next course of action after authenticating the password. I was right and that led me to the problem.
Here is the code fragment in the /etc/vsftpd/vsftpd.conf
file, containing the local root.
# You may specify an explicit list of local users to chroot() to their home
# directory. If chroot_local_user is YES, then this list becomes a list of
# users to NOT chroot().
# (Warning! chroot'ing can be very dangerous. If using chroot, make sure that
# the user does not have write access to the top level directory within the
# chroot)
chroot_local_user=YES
#local_root=/mnt/raid1
local_root=/ftproot
#chroot_list_enable=YES
# (default follows)
#chroot_list_file=/etc/vsftpd/chroot_list
Here is how I finally turned on verbose logging, though I will turn that off now to conserve disk space and improve performance.
# Activate logging of uploads/downloads.
xferlog_enable=YES
#
# If you want, you can have your log file in standard ftpd xferlog format.
# Note that the default log file location is /var/log/xferlog in this case.
xferlog_std_format=NO
log_ftp_protocol=YES
#
# Activate logging of uploads/downloads.
xferlog_enable=YES
IMHO, I would consider the comment a bug, as xferlog_enable is more than the actual upload and download of files. This property also turns on logging. A Google research proves that log_ftp_protocol=YES
requires xferlog_enable=YES
.
I am posting this answer in hopes that it might help someone in the future, possibly me, as I suffered solving this problem.
I did not have local_root
in the /etc/vsftpd/vsftpd.conf
file set properly. The setting pointed to a folder, which did not exist.
What through me was that I saw the failure on the password command in FileZilla, so I thought that it did not like the password. What got me thinking in the right direction was that I took the time to research why I was not receiving detailed logs. I received no logs. Once I started receiving debug logs, where I saw the FTP protocols, I saw that the FTP server said OK to the password. Sadly, there was no logging of any kind, but I came across the thought that negotiating the local root would be the next course of action after authenticating the password. I was right and that led me to the problem.
Here is the code fragment in the /etc/vsftpd/vsftpd.conf
file, containing the local root.
# You may specify an explicit list of local users to chroot() to their home
# directory. If chroot_local_user is YES, then this list becomes a list of
# users to NOT chroot().
# (Warning! chroot'ing can be very dangerous. If using chroot, make sure that
# the user does not have write access to the top level directory within the
# chroot)
chroot_local_user=YES
#local_root=/mnt/raid1
local_root=/ftproot
#chroot_list_enable=YES
# (default follows)
#chroot_list_file=/etc/vsftpd/chroot_list
Here is how I finally turned on verbose logging, though I will turn that off now to conserve disk space and improve performance.
# Activate logging of uploads/downloads.
xferlog_enable=YES
#
# If you want, you can have your log file in standard ftpd xferlog format.
# Note that the default log file location is /var/log/xferlog in this case.
xferlog_std_format=NO
log_ftp_protocol=YES
#
# Activate logging of uploads/downloads.
xferlog_enable=YES
IMHO, I would consider the comment a bug, as xferlog_enable is more than the actual upload and download of files. This property also turns on logging. A Google research proves that log_ftp_protocol=YES
requires xferlog_enable=YES
.
answered Mar 18 '16 at 16:56
Sarah Weinberger
3824818
3824818
Just ran into the same trap due to a misspelling. Setting a valid local_root directory solved the issue.
– Johano Fierra
Dec 20 '17 at 16:47
add a comment |
Just ran into the same trap due to a misspelling. Setting a valid local_root directory solved the issue.
– Johano Fierra
Dec 20 '17 at 16:47
Just ran into the same trap due to a misspelling. Setting a valid local_root directory solved the issue.
– Johano Fierra
Dec 20 '17 at 16:47
Just ran into the same trap due to a misspelling. Setting a valid local_root directory solved the issue.
– Johano Fierra
Dec 20 '17 at 16:47
add a comment |
up vote
1
down vote
I faced exact same error(Error: GnuTLS error -15: An unexpected TLS packet was received.) and banged my head for like an hour but then i figured out that ftp users home directory which was on Gluster volume was not mounted. Mounted Gluster volume and issue resolved.
add a comment |
up vote
1
down vote
I faced exact same error(Error: GnuTLS error -15: An unexpected TLS packet was received.) and banged my head for like an hour but then i figured out that ftp users home directory which was on Gluster volume was not mounted. Mounted Gluster volume and issue resolved.
add a comment |
up vote
1
down vote
up vote
1
down vote
I faced exact same error(Error: GnuTLS error -15: An unexpected TLS packet was received.) and banged my head for like an hour but then i figured out that ftp users home directory which was on Gluster volume was not mounted. Mounted Gluster volume and issue resolved.
I faced exact same error(Error: GnuTLS error -15: An unexpected TLS packet was received.) and banged my head for like an hour but then i figured out that ftp users home directory which was on Gluster volume was not mounted. Mounted Gluster volume and issue resolved.
answered Sep 13 '16 at 18:03
xs2rashid
111
111
add a comment |
add a comment |
up vote
0
down vote
You need to allow writeable chroot in your configuration file:
sudo nano /etc/vsftpd.conf
Then add this line at the bottom:
allow_writeable_chroot=YES
And, restart the service:
sudo service vsftpd restart
add a comment |
up vote
0
down vote
You need to allow writeable chroot in your configuration file:
sudo nano /etc/vsftpd.conf
Then add this line at the bottom:
allow_writeable_chroot=YES
And, restart the service:
sudo service vsftpd restart
add a comment |
up vote
0
down vote
up vote
0
down vote
You need to allow writeable chroot in your configuration file:
sudo nano /etc/vsftpd.conf
Then add this line at the bottom:
allow_writeable_chroot=YES
And, restart the service:
sudo service vsftpd restart
You need to allow writeable chroot in your configuration file:
sudo nano /etc/vsftpd.conf
Then add this line at the bottom:
allow_writeable_chroot=YES
And, restart the service:
sudo service vsftpd restart
answered Jan 25 at 11:39
Ndianabasi
1
1
add a comment |
add a comment |
up vote
0
down vote
Weirdly for me this issue cropped up when trying to ls
after logging in.
It turned out to be that I had uninstalled httpd
in favour of nginx
and the folder I was using was owned apache:apache
and the user got removed when I removed httpd
.
I chcon
'd the directories to nginx:nginx
and then replaced the user in these lines in my config file:
guest_username=nginx
nopriv_user=nginx
Hopefully this helps someone out there because the error messages weren't helpful at all.
add a comment |
up vote
0
down vote
Weirdly for me this issue cropped up when trying to ls
after logging in.
It turned out to be that I had uninstalled httpd
in favour of nginx
and the folder I was using was owned apache:apache
and the user got removed when I removed httpd
.
I chcon
'd the directories to nginx:nginx
and then replaced the user in these lines in my config file:
guest_username=nginx
nopriv_user=nginx
Hopefully this helps someone out there because the error messages weren't helpful at all.
add a comment |
up vote
0
down vote
up vote
0
down vote
Weirdly for me this issue cropped up when trying to ls
after logging in.
It turned out to be that I had uninstalled httpd
in favour of nginx
and the folder I was using was owned apache:apache
and the user got removed when I removed httpd
.
I chcon
'd the directories to nginx:nginx
and then replaced the user in these lines in my config file:
guest_username=nginx
nopriv_user=nginx
Hopefully this helps someone out there because the error messages weren't helpful at all.
Weirdly for me this issue cropped up when trying to ls
after logging in.
It turned out to be that I had uninstalled httpd
in favour of nginx
and the folder I was using was owned apache:apache
and the user got removed when I removed httpd
.
I chcon
'd the directories to nginx:nginx
and then replaced the user in these lines in my config file:
guest_username=nginx
nopriv_user=nginx
Hopefully this helps someone out there because the error messages weren't helpful at all.
answered yesterday
Elven Spellmaker
12
12
add a comment |
add a comment |
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f270539%2fvsftpd-filezilla-gnutls-error-15-unexpected-tls-packet-was-received%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown