Work at SourceForge, help us to make it a better place! We have an immediate need for a Support Technician in our San Francisco or Denver office.

Close

Keepass Change Port

Help
Spamator
2012-10-29
2012-12-11
  • Spamator
    Spamator
    2012-10-29

    Hello All,

    I use Keepass 2.20 , the plugin IOProtocolExt  2.6 and WinSCP 4.3.7
    At the beginning I set up an IIS 7.5 server with SSL encryption  for use FTPS. this protocol uses port 990,  but this one is blocked my multiple firewall.
    So I modify my IIS server and he is now listening on the port 22,
    When i launch WinSCP for trust the certificat (Keepass doesn't manage it :/  ) it works without any issue.
    But then, when i want to use Keepass, 
    If  I use the FTP:// ;  SFTP:// or FTP:// it doesn't work because these protocols don't use port 22 .

    So my question is, how I can force Keepass or plugin to change port ?

    thank you in advance

    regards

     
  • Spamator
    Spamator
    2012-10-29

    Just add a thing,
    in WinSCP i can select the protocol FTPS and change the port 990 to 22.
    That is why i would like to have with keepass

     
  • Spamator
    Spamator
    2012-11-08

    Does anyone got an idea ?

     
  • Paul
    Paul
    2012-11-08

    It seems the extension doesn't support changing ports. Might need a change in the plug-in.

    cheers, Paul

     
  • Dominik Reichl
    Dominik Reichl
    2012-11-08

    Try appending the port number to the host, e.g. ftps://www.example.com:22/path/file.kdbx

     
  • Spamator
    Spamator
    2012-11-09

    Hi guys,

    Thx for your replies !
    @dreichl, nice idea! but i got an error message, you can see it here  ==> 

    @Pail459, i already try to modify the extension but i don't have the binaries so it is difficult to modify it..

    it is a shame that  we can' t modify it, because of this I can't setup keepas for my team … (FTPS doesn't work over our firewall )  -_-'

     
  • Spamator
    Spamator
    2012-11-09

    Edit :  URL is here :     http://hpics.li/1ffea9d

     
  • Dominik Reichl
    Dominik Reichl
    2012-11-09

    The error that you're getting now is not related to the port. The plugin does use the correct port (otherwise you'd simply get a connection timeout error).

    Apparently it's a bug in WinSCP:
    http://winscp.net/forum/viewtopic.php?t=9683
    http://winscp.net/tracker/show_bug.cgi?id=879

    This bug seems to be fixed in WinSCP 4.3.9. Therefore, please try the following: download the latest 4.3.9 portable version of WinSCP and copy the files into the 'IOProtocolExt_WinSCP' folder (overwrite the existing ones). The error should then be gone.

    If you can confirm that it works, I'll release a new version of IOProtocolExt that includes the new WinSCP version.

    Best regards
    Dominik

     
  • Spamator
    Spamator
    2012-11-09

    Hello,

    thx for your tips,
    I try  4.3.9 version and 5.1.1 but i always got the following error :

    SSL_connect: error in SSLv2/v3 read server hello A
    Can't establish SSL connection
    Disconnected from server
    Connection failed.

    I try with Filezilla,  and it works.

    As it seems to be a WinSCP bug, i 'll contact the team.

    I come back ASAP

     
  • Spamator
    Spamator
    2012-11-27

    Hello guys,

    I come back to you, because i am still blocked...
    It is not a bug from WinSCP, it was a bad use from myself.
    So, now winscp can connect itself on the remote port22.

    I try this syntax with keepass :
    ftp://myserver.net/PwdVault.kdbx
    ftp://myserver.net:22/PwdVault.kdbx

    With this syntax i got the error like the file Keepass_error_1.jpg

    ftps://myserver.net/PwdVault.kdbx
    ftps://myserver.net:22/PwdVault.kdbx

     
    Attachments
  • Spamator
    Spamator
    2012-11-27

    I can add only 1 file/message

    so i try too with the syntax

    ftps://myserver.net/PwdVault.kdbx
    ftps://myserver.net:22/PwdVault.kdbx

    and i got the following error, see Keepass_error_2

    And at least, you can check the Winscp log

    2012-11-27 15:21:20.198 Transfer Protocol: FTP
    . 2012-11-27 15:21:20.198 Ping type: C, Ping interval: 30 sec; Timeout: 15 sec
    . 2012-11-27 15:21:20.198 Proxy: none
    . 2012-11-27 15:21:20.198 FTP: FTPS: Explicit TLS; Passive: Yes [Force IP: A]
    . 2012-11-27 15:21:20.198 Local directory: C:\, Remote directory: /, Update: Yes, Cache: Yes
    . 2012-11-27 15:21:20.198 Cache directory changes: Yes, Permanent: Yes
    . 2012-11-27 15:21:20.198 DST mode: 1
    . 2012-11-27 15:21:20.198 --------------------------------------------------------------------------
    . 2012-11-27 15:21:20.198 Session upkeep
    . 2012-11-27 15:21:20.278 Connecting to myserver.net:22 ...
    . 2012-11-27 15:21:20.278 m_pSslLayer changed state from 0 to 1
    . 2012-11-27 15:21:20.278 m_pSslLayer changed state from 1 to 2
    . 2012-11-27 15:21:20.278 m_pSslLayer changed state from 2 to 4
    . 2012-11-27 15:21:20.326 Connected with myserver.net:22, negotiating SSL connection...
    < 2012-11-27 15:21:20.326 220-Microsoft FTP Service
    < 2012-11-27 15:21:20.326 220 EXIS TEAM

    2012-11-27 15:21:20.326 AUTH TLS
    < 2012-11-27 15:21:20.326 234 AUTH command ok. Expecting TLS Negotiation.
    . 2012-11-27 15:21:20.326 SSL_connect: SSLv3 read server hello A
    . 2012-11-27 15:21:20.326 SSL_connect: SSLv3 read server certificate A
    . 2012-11-27 15:21:20.326 SSL_connect: SSLv3 read server done A
    . 2012-11-27 15:21:20.326 SSL_connect: SSLv3 write client key exchange A
    . 2012-11-27 15:21:20.326 SSL_connect: SSLv3 write change cipher spec A
    . 2012-11-27 15:21:20.326 SSL_connect: SSLv3 write finished A
    . 2012-11-27 15:21:20.326 SSL_connect: SSLv3 flush data
    . 2012-11-27 15:21:20.326 SSL_connect: SSLv3 read finished A
    . 2012-11-27 15:21:20.326 Using TLSv1, cipher TLSv1/SSLv3: AES128-SHA, 2048 bit RSA
    . 2012-11-27 15:21:20.373 SSL connection established. Waiting for welcome message...
    2012-11-27 15:21:20.373 USER Domain/user
    < 2012-11-27 15:21:20.373 331 Password required for Domain/user.
    . 2012-11-27 15:21:21.396 Session upkeep
    . 2012-11-27 15:21:22.418 Session upkeep
    . 2012-11-27 15:21:23.440 Session upkeep
    2012-11-27 15:21:24.239 PASS ***
    < 2012-11-27 15:21:24.255 230 User logged in.
    2012-11-27 15:21:24.255 SYST
    < 2012-11-27 15:21:24.255 215 Windows_NT
    2012-11-27 15:21:24.255 FEAT
    < 2012-11-27 15:21:24.271 211-Extended features supported:
    < 2012-11-27 15:21:24.271 LANG EN

    < 2012-11-27 15:21:24.271 UTF8
    < 2012-11-27 15:21:24.271 AUTH TLS;TLS-C;SSL;TLS-P;
    < 2012-11-27 15:21:24.271 PBSZ
    < 2012-11-27 15:21:24.271 PROT C;P;
    < 2012-11-27 15:21:24.271 CCC
    < 2012-11-27 15:21:24.271 HOST
    < 2012-11-27 15:21:24.271 SIZE
    < 2012-11-27 15:21:24.271 MDTM
    < 2012-11-27 15:21:24.271 REST STREAM
    < 2012-11-27 15:21:24.271 211 END
    2012-11-27 15:21:24.271 OPTS UTF8 ON
    < 2012-11-27 15:21:24.286 200 OPTS UTF8 command successful - UTF8 encoding now ON.
    2012-11-27 15:21:24.286 PBSZ 0
    < 2012-11-27 15:21:24.286 200 PBSZ command successful.
    2012-11-27 15:21:24.286 PROT P
    < 2012-11-27 15:21:24.302 200 PROT command successful.
    . 2012-11-27 15:21:24.302 Session upkeep
    . 2012-11-27 15:21:24.350 Connected
    . 2012-11-27 15:21:24.350 Got reply 1 to the command 1
    . 2012-11-27 15:21:24.350 --------------------------------------------------------------------------
    . 2012-11-27 15:21:24.350 Using FTP protocol.
    . 2012-11-27 15:21:24.350 Doing startup conversation with host.
    2012-11-27 15:21:24.398 PWD
    < 2012-11-27 15:21:24.414 257 "/" is current directory.
    . 2012-11-27 15:21:24.414 Got reply 1 to the command 16
    . 2012-11-27 15:21:24.462 Changing directory to "/".
    2012-11-27 15:21:24.462 CWD /
    < 2012-11-27 15:21:24.462 250 CWD command successful.
    . 2012-11-27 15:21:24.462 Got reply 1 to the command 16
    . 2012-11-27 15:21:24.462 Getting current directory name.
    2012-11-27 15:21:24.462 PWD
    < 2012-11-27 15:21:24.478 257 "/" is current directory.
    . 2012-11-27 15:21:24.478 Got reply 1 to the command 16
    . 2012-11-27 15:21:24.670 Retrieving directory listing...
    2012-11-27 15:21:24.670 TYPE A
    < 2012-11-27 15:21:24.670 200 Type set to A.
    2012-11-27 15:21:24.670 PASV
    < 2012-11-27 15:21:24.670 227 Entering Passive Mode (194,4,82,57,214,99).
    2012-11-27 15:21:24.670 LIST -a
    . 2012-11-27 15:21:24.670 Trying reuse main SSL session ID
    . 2012-11-27 15:21:24.670 m_pSslLayer changed state from 0 to 4
    < 2012-11-27 15:21:24.670 150 Opening ASCII mode data connection.
    . 2012-11-27 15:21:24.670 Session ID reused
    . 2012-11-27 15:21:24.718 SSL connection established
    . 2012-11-27 15:21:24.718 m_pSslLayer changed state from 4 to 5
    < 2012-11-27 15:21:24.718 226 Transfer complete.
    . 2012-11-27 15:21:24.718 11-05-12 05:16PM 5454 Exis-PwdVault.kdbx
    . 2012-11-27 15:21:24.718 09-08-12 10:23AM 695198 KeePass.chm
    . 2012-11-27 15:21:24.718 09-28-07 02:57PM 252 KeePass.config.xml
    . 2012-11-27 15:21:24.718 09-08-12 10:20AM 1911808 KeePass.exe
    . 2012-11-27 15:21:24.718 09-08-12 10:26AM 620 KeePass.exe.config
    . 2012-11-27 15:21:24.718 09-08-12 10:20AM 348160 KeePass.XmlSerializers.dll
    . 2012-11-27 15:21:24.718 09-08-12 10:12AM 592896 KeePassLibC32.dll
    . 2012-11-27 15:21:24.718 09-08-12 10:13AM 771584 KeePassLibC64.dll
    . 2012-11-27 15:21:24.718 01-01-12 01:13PM 18538 License.txt
    . 2012-11-27 15:21:24.718 09-08-12 10:22AM 74752 ShInstUtil.exe
    . 2012-11-27 15:21:24.718 09-12-12 03:57PM 3501 unins000.dat
    . 2012-11-27 15:21:24.718 09-12-12 03:56PM 1183089 unins000.exe
    . 2012-11-27 15:21:24.718 09-12-12 03:57PM <DIR> XSL
    . 2012-11-27 15:21:24.766 Directory listing successful

    thank you for yur help

     
    Last edit: Spamator 2012-11-27
    Attachments
  • Spamator
    Spamator
    2012-12-11

    Does anyone get an Idea ?

     
  • Dominik Reichl
    Dominik Reichl
    2012-12-11

    If I interpret your last post in the WinSCP forum correctly, the problem was solved by using explicit TLS.

    Have you enabled explicit TLS for IOProtocolExt, too? You can do that in KeePass: 'Tools' -> 'IOProtocolExt Options'.