我在 Windows 服务器上设置了一个 FTP 服务器,默认 ftp 协议(20、21)运行良好,我需要它在 TLS 模式(990)下工作,但它坏了。
这是本地日志
Status: Connecting to 10.89.252.76:21... Status: Connection established, waiting for welcome message... Status: Initializing TLS... Status: Verifying certificate... Status: TLS connection established. Status: Logged in Status: Retrieving directory listing... Command: PWD Response: 257 "/" is current directory. Command: TYPE I Response: 200 Type set to I Command: PASV Response: 227 Entering Passive Mode (10,89,252,76,235,24) Command: MLSD Response: 425 Can't open data connection for transfer of "/" Error: Failed to retrieve directory listing
这是服务器日志
(000204)1/5/2019 16:30:37 PM - (not logged in) (10.133.78.56)> Connected on port 21, sending welcome message... (000204)1/5/2019 16:30:37 PM - (not logged in) (10.133.78.56)> 220-FileZilla Server 0.9.60 beta (000204)1/5/2019 16:30:37 PM - (not logged in) (10.133.78.56)> 220-written by Tim Kosse ([email protected]) (000204)1/5/2019 16:30:37 PM - (not logged in) (10.133.78.56)> 220 Please visit https://filezilla-project.org/ (000204)1/5/2019 16:30:37 PM - (not logged in) (10.133.78.56)> AUTH TLS (000204)1/5/2019 16:30:37 PM - (not logged in) (10.133.78.56)> 234 Using authentication type TLS (000204)1/5/2019 16:30:37 PM - (not logged in) (10.133.78.56)> TLS connection established (000204)1/5/2019 16:30:37 PM - (not logged in) (10.133.78.56)> USER admin (000204)1/5/2019 16:30:37 PM - (not logged in) (10.133.78.56)> 331 Password required for admin (000204)1/5/2019 16:30:37 PM - (not logged in) (10.133.78.56)> PASS ***** (000204)1/5/2019 16:30:37 PM - admin (10.133.78.56)> 230 Logged on (000204)1/5/2019 16:30:37 PM - admin (10.133.78.56)> PBSZ 0 (000204)1/5/2019 16:30:37 PM - admin (10.133.78.56)> 200 PBSZ=0 (000204)1/5/2019 16:30:37 PM - admin (10.133.78.56)> PROT P (000204)1/5/2019 16:30:37 PM - admin (10.133.78.56)> 200 Protection level set to P (000204)1/5/2019 16:30:37 PM - admin (10.133.78.56)> PWD (000204)1/5/2019 16:30:37 PM - admin (10.133.78.56)> 257 "/" is current directory. (000204)1/5/2019 16:30:37 PM - admin (10.133.78.56)> TYPE I (000204)1/5/2019 16:30:37 PM - admin (10.133.78.56)> 200 Type set to I (000204)1/5/2019 16:30:37 PM - admin (10.133.78.56)> PASV (000204)1/5/2019 16:30:37 PM - admin (10.133.78.56)> 227 Entering Passive Mode (10,89,252,76,203,166) (000204)1/5/2019 16:30:37 PM - admin (10.133.78.56)> MLSD (000204)1/5/2019 16:30:47 PM - admin (10.133.78.56)> 425 Can't open data connection for transfer of "/"
答案1
您显示的日志文件不是来自端口 990 上的 FTPS(隐式 TLS,即从开始),而是清楚地(本地日志文件的第一行!)来自端口 21 上的 FTPS(显式 TLS,AUTH TLS
命令后的 TLS 升级)。
因此“要求明确的客户端中的“FTP over TLS”(最后一张图片)是正确的,但端口应该是 21,而不是 990。或者你可以使用隐式您似乎也在服务器上启用了端口 990 上的 TLS FTP。