FTP\u670d\u52a1\u5668: vsftpd
FTP\u5ba2\u6237\u7aef: filezilla
\u51fa\u9519\u63d0\u793a: GnuTLS error -8: A record packet with illegal version was received.<\/p>\n
\u676f\u5177\u7684\u6211, \u7531\u4e8e\u4e0a\u8ff0error,\u6298\u817e\u4e86\u5f88\u4e45. \u6700\u540e\u5728\u8fd9\u7bc7\u535a\u6587(http:\/\/ramblings.linkerror.com\/?p=45)\u91cc\u627e\u5230\u4e00\u70b9\u63d0\u793a,<\/p>\n
\u7136\u540e\u5c31\u8bf7\u51fawireshark,\u5728\u6536\u5230\u670d\u52a1\u5668\u7684\u4e00\u6761500 opps\u4e4b\u540e \u5ba2\u6237\u7aef\u53d1\u51fa\u4e86\u4e00\u4e2aRST<\/p>\n \u7d27\u63a5\u7740,\u670d\u52a1\u5668\u8fd4\u56de\u4e86\u4e00\u4e2aresponse, \u63ed\u793a\u4e86\u51fa\u9519\u7684\u539f\u56e0,\u539f\u6765\u662fvsftpd\u670d\u52a1\u7aef\u7684\u914d\u7f6e\u6587\u4ef6\u5199\u9519\u4e86!<\/p>\n \u7ecf\u68c0\u67e5,\u662f\u6211\u5c06 \u4e0b\u4e00\u9875\u9644\u4e0a\u90a3\u7bc7\u535a\u6587,\u4ee5\u4f5c\u8bb0\u5f55. GnuTLS error -8: A record packet with illegal version was received<\/p>\n You\u2019re not finding any relevant error messages in your vsftpd log file, nor in the xferlog, nor in \/var\/log\/messages ?<\/p>\n Well, vsftpd seems to be horribly un-verbose. The cause of this error is not because of some obscure TLS problem. What\u2019s causing it is vsftpd dumping out a plain-text error in the middle of the encrypted data stream, causing the ftp client to pop out this error.<\/p>\n The only way to debug this was by packet sniffing the actual connection with wireshark. Following the TCP stream with wireshark, the error I was looking for in the log files, was clearly visible at the end of the TLS encrypted data, before the connection dropped.<\/p>\n Something like:<\/p>\n \5_TXC,[1d.c}$D12N8(,”ndKm:?Y5O\M)5{nj2*Uaiym8-T4rt2c'#\/K( It turned out to be a simple permissions issue\u2026 . Had encryption not been enabled in vsftpd, the error would have been visible in the FTP client.<\/p>\n So to any one encountering this, I would recommend either temporarily disabling encryption in vsftpd in order to see the error, or if that is not an option, use a packet sniffer to view the error.<\/p>\n I figured I would post this since google didn\u2019t bring up much useful as I was debugging this. \ud83d\ude42<\/p>\n
local_root=\/aaaa\/bbbb\/
\u9519\u5199\u6210\u4e86
local_rot=\/aaaa\/bbbb\/<\/p>\n
http:\/\/ramblings.linkerror.com\/?p=45
Posted on: Wednesday, April 22nd, 2009 at 03:56.
Filed under: All, ServerAdmin.
RSS 2.0 feed for comments.
You can leave a response, or trackback from your own site.
vsftpd debugging
If you\u2019re ever working with vsftpd, and filezilla dumps out this error:<\/p>\n
dvU2@:M.&.X=:-A*4aUm3:)!)y5Kt$'&”ZQN:'v%X500 OOPS: Cannot change directory: \/foo<\/p>\n
Why vsftpd isn\u2019t logging these to it\u2019s own log file, or even syslogd, who knows. At the most verbose configuration, it is logging all sorts of things, except the actual error causing the problem!<\/p>\n