All right, I've been working on this for days and I'm starting to tear my hair out:
I'm running a vsftpd server v2.0.6 (+SSL, +TCP wrappers) on CentOS 5.4, but Windows clients can't seem to authenticate to it (lftp/cygwin, SmartFTP, and FileZilla). Snow Leopard and Ubuntu 9.04 clients seem to connect fine using lftp or curl.
On the OS X and Ubuntu clients, the conversation looks like this:
SERVER <-> CLIENT
<- AUTH TLS
-> 234 Proceed with negotiation.
<- [some data that looks encrypted]
-> [some data that looks like a certificate]
And everything works ok.
However, on the Windows XP clients, the conversation looks like this:
SERVER <-> CLIENT
<- AUTH TLS
-> 234 Proceed with negotiation.
<- [some data that looks encrypted]
-> [server does not respond, client times out]
The vsftpd logs show this message when using Windows clients:
SSL_accept failed: error:00000000:lib(0):func(0):reason(0)
Here's what I've tried and I've gotten the same symptoms:
- Running vsftpd on OS X 10.6 and Ubuntu 9.0.4
- Enabling anonymous logins over SSL
- Different versions of vsftpd (2.0.7, 2.1.2, 2.2.2)
- Disabled SSL (everything works OK without SSL)
I can't switch to SFTP due to a requirement in the project.
This appears to be a software firewall issue with certain machines inside our company, not a VSFTPD issue.
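
An added example, not part of the original post: a small parser that labels the TLS records following the 234 reply in each direction of a capture, so the point where the AUTH TLS handshake stops can be named. The helper names and the sample bytes are constructed for illustration; it assumes each handshake message fits in a single record.

```python
import struct

CONTENT = {20: "change_cipher_spec", 21: "alert", 22: "handshake", 23: "application_data"}
HANDSHAKE = {1: "client_hello", 2: "server_hello", 11: "certificate", 14: "server_hello_done"}

def tls_records(stream: bytes):
    """Yield (content_type, [handshake message names]) per complete TLS record."""
    pos = 0
    while pos + 5 <= len(stream):
        ctype, _version, length = struct.unpack_from("!BHH", stream, pos)
        body = stream[pos + 5 : pos + 5 + length]
        if ctype not in CONTENT or len(body) < length:
            break  # not a TLS record, or the capture cut the record short
        msgs, off = [], 0
        # Handshake messages: 1-byte type + 3-byte length (unencrypted first flights only)
        while ctype == 22 and off + 4 <= len(body):
            msgs.append(HANDSHAKE.get(body[off], f"type_{body[off]}"))
            off += 4 + int.from_bytes(body[off + 1 : off + 4], "big")
        yield CONTENT[ctype], msgs
        pos += 5 + length

def diagnose(client_to_server: bytes, server_to_client: bytes) -> str:
    """Classify where the handshake stopped, given each direction's bytes after '234'."""
    sent = [m for _, ms in tls_records(client_to_server) for m in ms]
    got = [m for _, ms in tls_records(server_to_client) for m in ms]
    if "client_hello" not in sent:
        return "no ClientHello seen from client"
    if not got:
        return "ClientHello seen, no server flight"
    if "server_hello" in got and "certificate" in got:
        return "server flight seen"
    return "partial server flight: " + ",".join(got)

# --- constructed sample data (not taken from a real capture) ---
def _rec(ctype: int, body: bytes) -> bytes:
    return struct.pack("!BHH", ctype, 0x0301, len(body)) + body

def _hs(htype: int, body: bytes) -> bytes:
    return bytes([htype]) + len(body).to_bytes(3, "big") + body

CLIENT = _rec(22, _hs(1, b"\x00" * 40))
SERVER = _rec(22, _hs(2, b"\x00" * 38) + _hs(11, b"\x00" * 60) + _hs(14, b""))

if __name__ == "__main__":
    print(diagnose(CLIENT, SERVER))  # working client
    print(diagnose(CLIENT, b""))     # client that times out
```

Running it against captures taken on both the client and the server shows whether the ClientHello arrives intact and whether a server flight is sent but never delivered.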