× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. MIDRANGE-L
  3. September 2023

RE: FTP Secure Connection Error

Marc,

Thanks! I didn't know that.

I turned on logging and found this in the log:
. 2023-09-05 14:17:51.126 Using TLSv1.2, cipher TLSv1.2: ECDHE-RSA-AES256-SHA384, 2048 bit RSA, ECDHE-RSA-AES256-SHA384 TLSv1.2 Kx=ECDH Au=RSA Enc=AES(256) Mac=SHA384

It appears I have the cipher enabled. Although, the IBM cipher has -GCM- in the name (so I'm not sure if they are the same)

I opened a case with IBM and sent them a trace.

Thanks,
Greg

-----Original Message-----
From: MIDRANGE-L <midrange-l-bounces@xxxxxxxxxxxxxxxxxx> On Behalf Of Marc Rauzier
Sent: Tuesday, September 5, 2023 1:30 PM
To: midrange-l@xxxxxxxxxxxxxxxxxx
Subject: Re: FTP Secure Connection Error


With WINSCP, if you enable logging to debug 2, you can check which
protocol and cipher are used. Example for me when I connect to pub400.com

. 2023-09-05 19:24:08.749 Connecting to pub400.com ...
. 2023-09-05 19:24:08.749 Connected
. 2023-09-05 19:24:08.749 TLS layer changed state from unconnected to
connecting
. 2023-09-05 19:24:08.749 TLS layer changed state from connecting to
connected
. 2023-09-05 19:24:08.749 Connected with pub400.com, negotiating TLS
connection...
. 2023-09-05 19:24:08.771 Read 25 bytes
< 2023-09-05 19:24:08.771 220-QTCP at PUB400.COM.
. 2023-09-05 19:24:08.846 Read 59 bytes
< 2023-09-05 19:24:08.846 220 Connection will close if idle more than
1666 minutes.
2023-09-05 19:24:08.846 AUTH TLS
. 2023-09-05 19:24:08.872 Read 53 bytes
< 2023-09-05 19:24:08.872 234 Security mechanism accepted; start
negotiation.
. 2023-09-05 19:24:08.876 No data to read
. 2023-09-05 19:24:08.903 TLS connect: SSLv3/TLS write client hello
. 2023-09-05 19:24:08.927 TLS connect: SSLv3/TLS read server hello
. 2023-09-05 19:24:08.927 TLS connect: TLSv1.3 read encrypted extensions
. 2023-09-05 19:24:08.933 TLS connect: SSLv3/TLS read server certificate
. 2023-09-05 19:24:08.935 TLS connect: TLSv1.3 read server certificate
verify
. 2023-09-05 19:24:08.935 TLS connect: SSLv3/TLS read finished
. 2023-09-05 19:24:08.935 TLS connect: SSLv3/TLS write change cipher spec
. 2023-09-05 19:24:08.935 TLS connect: SSLv3/TLS write finished
. 2023-09-05 19:24:08.936 Verifying certificate for "" with fingerprint
b8:82:e2:15:a3:49:09:f6:64:c2:cf:e7:d4:da:c0:62:b5:0f:fa:2e:52:6e:47:67:72:a7:cc:93:a3:da:6b:cf
and 19 failures
. 2023-09-05 19:24:08.936 Certificate common name "pub400.com" matches
hostname
. 2023-09-05 19:24:09.345 Certificate verified against Windows
certificate store
. 2023-09-05 19:24:09.345 Using TLSv1.3, cipher TLSv1.3:
TLS_AES_128_GCM_SHA256, 2048 bit RSA, TLS_AES_128_GCM_SHA256 TLSv1.3
Kx=any      Au=any  Enc=AESGCM(128) Mac=AEAD
. 2023-09-05 19:24:09.345 Session upkeep
. 2023-09-05 19:24:09.414 TLS connection established. Waiting for
welcome message...
2023-09-05 19:24:09.414 USER DIMARCO
. 2023-09-05 19:24:09.414 TLS connect: SSL negotiation finished successfully
. 2023-09-05 19:24:09.414 TLS connect: SSL negotiation finished successfully




As an Amazon Associate we earn from qualifying purchases.

This thread ...
Replies:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.