我正在使用此代码尝试建立与Windows FTP服务的FTP连接
FtpClient client = new FtpClient(ip, user, password);
client.ConnectTimeout = 600000;
client.ReadTimeout = 60000;
client.EncryptionMode = FtpEncryptionMode.Implicit;
client.SslProtocols = System.Security.Authentication.SslProtocols.Tls;
client.DataConnectionType = FluentFTP.FtpDataConnectionType.PASV;
client.ValidateAnyCertificate = true;
client.Connect();
在Windows计算机中,连接已正确建立,但是从我的Ubuntu计算机无法建立连接,我总是会收到错误消息
"error:141E70BF:SSL routines:tls_construct_client_hello:no protocols available"
我该如何进行这项工作?
=============更新
我尝试了FTPClient的AutoDetect方法,但该方法未检索任何配置文件
自动连接方法似乎也可以连接,但是当我尝试获取文件夹列表时,会出现一个错误,即配置文件需要SSL
当我为客户端启用跟踪时,我会在日志中得到以下输出:
# Connect()
Status: Connecting to server:21
Response: 220-Microsoft FTP Service
Response: 220 ************************************************************
Status: Detected FTP server: WindowsServerIIS
Command: AUTH TLS
Response: 234 AUTH command ok. Expecting TLS Negotiation.
Status: Disposing FtpSocketStream...
Error: FTPS Authentication Failed
答案 0 :(得分:0)
我只是按照这篇文章中的说明弄清楚了如何进行这项工作:
OpenSSL v1.1.1 Ubuntu 20 TLSv1 - no protocols available
和另外一个
https://askubuntu.com/questions/1233186/ubuntu-20-04-how-to-set-lower-ssl-security-level
在我的情况下,我要定位的服务器似乎很旧,nmap输出是这样的:
21/tcp open ftp
| ssl-enum-ciphers:
| SSLv3:
| ciphers:
| TLS_RSA_WITH_3DES_EDE_CBC_SHA (rsa 2048) - C
| TLS_RSA_WITH_RC4_128_SHA (rsa 2048) - C
| TLS_RSA_WITH_RC4_128_MD5 (rsa 2048) - C
| compressors:
| NULL
| cipher preference: server
| TLSv1.0:
| ciphers:
| TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (secp256r1) - A
| TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (secp256r1) - A
| TLS_RSA_WITH_AES_256_CBC_SHA (rsa 2048) - A
| TLS_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A
| TLS_RSA_WITH_3DES_EDE_CBC_SHA (rsa 2048) - C
| TLS_RSA_WITH_RC4_128_SHA (rsa 2048) - C
| TLS_RSA_WITH_RC4_128_MD5 (rsa 2048) - C
| compressors:
| NULL
| cipher preference: server
| warnings:
| 64-bit block cipher 3DES vulnerable to SWEET32 attack
| Broken cipher RC4 is deprecated by RFC 7465
| Ciphersuite uses MD5 for message integrity
| Weak certificate signature: SHA1
|_ least strength: C
我必须将openssl配置为使用现在已经不推荐使用的TLSv1