Announcement

Collapse
No announcement yet.

FTP broken since yesterday

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

    FTP broken since yesterday

    Our FTP client has been broken since yesterday. Cannot access any of our sites on our dedicated server. Support has been unable to find the problem. Tried on two of our computers and both are failing . Our FTP client is Ipswitch WS_FTP Professional.
    No settings in the software were changed prior to this issue.
    Anyone else having issues with this? Looking for a solution.
    Thanks, Larry
    Larry
    Luce Kanun Web Design
    www.facebook.com/wajake41
    www.plus.google.com/116415026668025242914/posts?hl=en



    #2
    I noticed the same thing yesterday. This post just reminded me of it. I don't have ftp access to multiple sites, also on a dedicated server. Error states that login or password are incorrect. They haven't been changed.
    Ron Frigon
    Jedi Webmaster Obi-Ron Kenobi

    Comment


      #3
      Are you both using WS_FTP? And Larry, I show no accesses to your server yesterday, are you positive that is the date this stopped working?

      What version of WS_FTP are you using?
      David Hubbard
      CIO
      Miva
      [email protected]
      http://www.miva.com

      Comment


        #4
        I have a feeling this may be a combination of:

        ws_ftp version
        patches related to security vulnerabilities
        use of FTP over SSH as opposed to FTP over SSL

        RedHat released two security patches a few days ago, which are auto installed by our servers, and one was to disable pre-authenticated SSH compression, the other removed some insecure key exchange algorithms and encryption ciphers. If you're using older client versions, they may not be compatible, similar to how older web browsers can't talk to web servers over https where the older SSLv2 and SSLv3 protocols have been disabled.

        Things to try:

        1) Set WS_FTP (when using FTP over SSH) to not use compression:

        https://blog.sunyconnect.suny.edu/20...xchange-error/

        2) Upgrade to a later version; I found instances of other people in the WS_FTP forums having the same problem with 12.5 but not 12.6:

        https://community.ipswitch.com/s/que...ble-algorithms

        If you get to pick and choose key exchange and encryption algorithms, our servers support the following for SSH (and FTP over SSH):

        Key Exchange: diffie-hellman-group-exchange-sha256
        Ciphers: aes256-ctr,aes192-ctr,aes128-ctr

        3) If you don't want to upgrade, try switching to using FTP over SSL. I'm not sure how this looks in WS_FTP but it should have an option for host, which remains the same, port switches from 22 to 21, if given the choice, you want Explicit FTP over SSL (vs implicit).

        David Hubbard
        CIO
        Miva
        [email protected]
        http://www.miva.com

        Comment


          #5
          Using Filezilla I'm able to connect. Dreamweaver gives me the login or password are incorrect. Connecting via SFTP. I haven't changed any settings, logins or passwords.

          Changing settings in Dreamweaver fixed my issue. FTP over SSL/TLS, explicit encryption, authentication set to None (encryption only)
          Ron Frigon
          Jedi Webmaster Obi-Ron Kenobi

          Comment


            #6
            Trying different setting, now my ftp client is stuck attempting to connect to our server. Have cancelled the ftp program, rebooted my computer. Ftp is still stuck trying to connect to our server.
            No fun today!!
            Larry
            Luce Kanun Web Design
            www.facebook.com/wajake41
            www.plus.google.com/116415026668025242914/posts?hl=en


            Comment


              #7
              After several minutes I have connected. Now after trying to close the connection I am waiting minutes. I have the spinning circle as the client attempt to disconnect.
              Larry
              Luce Kanun Web Design
              www.facebook.com/wajake41
              www.plus.google.com/116415026668025242914/posts?hl=en


              Comment


                #8
                Server must have coughed and cleared it's throat, I now can connect/disconnect as before quickly on one site. Now to see if I can get the other two sites working.
                Larry
                Luce Kanun Web Design
                www.facebook.com/wajake41
                www.plus.google.com/116415026668025242914/posts?hl=en


                Comment


                  #9
                  Now attempting to go to httpdoca folder from mm5. Taking minutes still not done.. Unable to close my ftp connection while waiting to display httpdocs folder.
                  It finally failed and I was able to close my connection. This is not good. Where's that cat, I need to kick something.
                  Last edited by wajake41; 06-15-17, 09:59 AM.
                  Larry
                  Luce Kanun Web Design
                  www.facebook.com/wajake41
                  www.plus.google.com/116415026668025242914/posts?hl=en


                  Comment


                    #10
                    Larry, this is probably a version issue for you. Your SFTP (ftp over ssh) client is attempting insecure key exchange algorithms. You're attempting:

                    hmac-md5,hmac-sha1

                    while the server only supports:

                    hmac-sha2-512,hmac-sha2-256

                    Only upgrading, or switching to FTPS (ftp over ssl), will fix that, since it's not likely an option you can un-check that's causing it to use those old algorithms.


                    David Hubbard
                    CIO
                    Miva
                    [email protected]
                    http://www.miva.com

                    Comment


                      #11
                      Appears that server type sftp/ssh is no longer valid for our server. What server type should I be using?
                      Larry
                      Luce Kanun Web Design
                      www.facebook.com/wajake41
                      www.plus.google.com/116415026668025242914/posts?hl=en


                      Comment


                        #12
                        sftp/ssh won't work because of your ws_ftp program's age; it's trying algorithms that have moved to being considered insecure. You'll want to use FTPS (FTP over SSL), and if given further options, that sometimes shows up as FTPS explicit (you don't want another option sometimes shown as FTP implicit). Port is 21.
                        David Hubbard
                        CIO
                        Miva
                        [email protected]
                        http://www.miva.com

                        Comment


                          #13
                          After my attempt to contact WS_FTP support I think it's time to get a different FTP client. Can someone recommend one? What release of FileZilla should I get? Or something else.
                          Thanks, Larry
                          Larry
                          Luce Kanun Web Design
                          www.facebook.com/wajake41
                          www.plus.google.com/116415026668025242914/posts?hl=en


                          Comment


                            #14
                            I think FileZilla is very good, but make sure you get it from the primary website and not a third party download, especially SourceForge. There are copies of it which have embedded malware and adware (the sourceforge version) because of how popular it is. Do that by going to their download archive:

                            http://download.filezilla-project.org/client/

                            and just grabbing the current release (3.26.2 right now).

                            If you have any directories on your websites with more than 10,000 files, and you are on Windows, I recommend SmartFTP:

                            https://www.smartftp.com/

                            it's the only FTP client I've found that doesn't grind to a halt when presented with a directory like that. (Future versions of Miva Merchant are going to begin segmenting the graphics directory so very large sites don't have that issue)
                            David Hubbard
                            CIO
                            Miva
                            [email protected]
                            http://www.miva.com

                            Comment


                              #15
                              Tried fillzilla. it's worth what it costs. Any other suggestions?
                              Cheers, Larry
                              Larry
                              Luce Kanun Web Design
                              www.facebook.com/wajake41
                              www.plus.google.com/116415026668025242914/posts?hl=en


                              Comment

                              Working...
                              X