IOProtocolExt v1.12 - FTPS connection to Fritzbox 7490
A lightweight and easy-to-use password manager
Brought to you by:
dreichl
Menu
▾
▴
#1721 IOProtocolExt v1.12 - FTPS connection to Fritzbox 7490
Hi all,
First of all, KeePass is indeed an incredibly great tool!
Following problem with getting KeePass 2.38 download a database file from a Fritzbox 7490 using an FTPS connection (using IOProtocol v1.12 plugin): KeePass finds the database but after entering the credentials it returns the error message "Failed to load the specified file! The file header is corrupted. Less data than expected could be read from the file."
I have set FTPS "Explicit TLS/SSL" to "Yes". If I open WinSCP.exe from the IOProtocolExt_WinSCP folder I can connect, download the database file and open that local copy with KeePass without any problems.
I have read about this issue (bug?) in other threads but apparently haven't come accross a solution.
Can anyone tell me what's wrong or how to make KeePass open the database correctly?
Much appreciated.
Markus
My suggestion would be to update the WinSCP copy in the 'IOProtocolExt_WinSCP' folder. Maybe the WinSCP developer has already fixed this.
Best regards,
Dominik
Thx for your quick feedback. Tried but did not help as I'm already using the latest available version.
What happens if you set Explicit TLS/SSL to No?
cheers, Paul
It gives the error message as you would expect, i.e.: "An exception occured during a WebClient request. [...] connection failed [...] TLS connect error in SSLv2/v3 read server hello A, can't establish TLS connection [...]".
The FTP server has been configured such that it doesn't accept unsecure FTP connections, only FTPS.
When you request the file in KeePass does the WinSCP log show the connection is explicit TLS?
cheers, Paul
Where can I see that? There seems to be no logfile in either the KeePass or the WinSCP folder.
Run WinSCP manually and set the logging level you want, close WinSCP. A log will now be generated every time you connect.
cheers, Paul
I think the explicit TLS connection works. Below is the full log:
. 2018-03-21 09:21:47.253 Session name:###@######.myfritz.net (Ad-Hoc site)
. 2018-03-21 09:21:47.253 Host name: ######.myfritz.net (Port: 47658)
. 2018-03-21 09:21:47.253 User name: ### (Password: Yes, Key file: No)
. 2018-03-21 09:21:47.253 Transfer Protocol: FTP
. 2018-03-21 09:21:47.253 Ping type: C, Ping interval: 30 sec; Timeout: 15 sec
. 2018-03-21 09:21:47.253 Disable Nagle: No
. 2018-03-21 09:21:47.253 Proxy: none
. 2018-03-21 09:21:47.253 Send buffer: 262144
. 2018-03-21 09:21:47.253 UTF: 2
. 2018-03-21 09:21:47.253 FTP: FTPS: Explicit TLS; Passive: Yes [Force IP: A]; MLSD: A [List all: A]
. 2018-03-21 09:21:47.253 Session reuse: Yes
. 2018-03-21 09:21:47.253 TLS/SSL versions: TLSv1.0-TLSv1.2
. 2018-03-21 09:21:47.253 Local directory: default, Remote directory: home, Update: Yes, Cache: Yes
. 2018-03-21 09:21:47.253 Cache directory changes: Yes, Permanent: Yes
. 2018-03-21 09:21:47.253 Timezone offset: 0h 0m
. 2018-03-21 09:21:47.253 --------------------------------------------------------------------------
. 2018-03-21 09:21:47.253 Connecting to ####.myfritz.net:47658 ...
. 2018-03-21 09:21:47.285 Connected with ####.myfritz.net:47658, negotiating TLS connection...
< 2018-03-21 09:21:47.380 220 FRITZ!Box7490 FTP server ready.
< 2018-03-21 09:21:49.035 /test.kdbx: No such file or directory
. 2018-03-21 09:21:49.035 Script: Failed
. 2018-03-21 09:21:49.035 Script: Exit code: 1
. 2018-03-21 09:21:49.035 Disconnected from server
Looks like the MDTM problem noted here.
https://winscp.net/forum/viewtopic.php?t=22239
cheers, Paul
...which effectively means that this bug does not allow KeePass to access via WinSCP any files on AVM Fritzbox FTPS servers?
Thanks for the hint, Paul!
Is there any plugin other than the IOProtocol that supports FTPS? Couldn't find any so far...
IOProtocol is the only plug-in for FTPS at present. As it works most places it seems unlikely another one will be created.
cheers, Paul
Dear all
I have the same problem and finaly found a solution. In the advanced tab added the following command to "Raw settings" FtpUseMlsd=1. This will disable MDTM and use list instead which works.
Best regards
Mads
Hi Mads,
Very interesting approach! However, doesn't seem to work with the Fritzbox FTPS server either, at least in my case (same error message)...
Best,
Markus
Hi Markus
What does it say in the WinSCP logs?
Here's the log:
. 2018-03-27 12:10:26.118 --------------------------------------------------------------------------
. 2018-03-27 12:10:26.118 WinSCP Version 5.7.7 (Build 6257) (OS 6.1.7601 Service Pack 1 - Windows 7 Enterprise)
. 2018-03-27 12:10:26.118 Configuration: C:\Users###\KeePass-2.38\IOProtocolExt_WinSCP\WinSCP.ini
. 2018-03-27 12:10:26.118 Log level: Normal
. 2018-03-27 12:10:26.118 Local account: ###
. 2018-03-27 12:10:26.118 Working directory: C:\Users###\KeePass-2.38
. 2018-03-27 12:10:26.118 Process ID: 8656
. 2018-03-27 12:10:26.118 Command-line: "C:\Users###\KeePass-2.38\IOProtocolExt_WinSCP\WinSCP.exe" /console=577 /consoleinstance=_7940_193 "/script=C:\Users###\AppData\Local\Temp\tmp1E42.tmp"
. 2018-03-27 12:10:26.118 Time zone: Current: GMT+2, Standard: GMT+1 (Mitteleuropäische Zeit), DST: GMT+2 (Mitteleuropäische Sommerzeit), DST Start: 25.03.2018, DST End: 28.10.2018
. 2018-03-27 12:10:26.118 Login time: Dienstag, 27. März 2018 12:10:26
. 2018-03-27 12:10:26.118 --------------------------------------------------------------------------
. 2018-03-27 12:10:26.118 Script: Retrospectively logging previous script records:
< 2018-03-27 12:10:27.931 /test.kdbx: No such file or directory
. 2018-03-27 12:10:27.931 Script: Failed
. 2018-03-27 12:10:27.931 Script: Exit code: 1
. 2018-03-27 12:10:27.931 Disconnected from server
It looks like it still uses MDTM. How did you add the FtpUseMlsd argument?
In KeePass I entered "FtpUseMlsd=1" into the very last field of the "Advanced" tab, i.e. under "WinSCP (FTPS / SCP / SFTP) raw settings:".
Or does that need to be entered in WinSCP itself?
Without the " right?
Correct.
Just installed the recent update of IOProtocol (v 1.13). Hoped that this issue had been fixed. Not yet the case unfortunately...
As it can be seen from the WinSCP log (thanks for posting it), the command '
SIZE /test.kdbx' command succeeds, but the following command 'MDTM /test.kdbx' fails, even though the server claims to support MDTM (see answer to 'FEAT') and the file exists ('SIZE' command was answered). This looks like a server bug to me.I'm not aware of a way to tell WinSCP to ignore this error (as a workaround).
Best regards,
Dominik
Hi Dominik, as I wrote hear https://sourceforge.net/p/keepass/discussion/329221/thread/3c515cab/ it works without keepass, if I put an asterrix before the filename, but if I try to do it with keepass, then keepass can't find the file and give a correct error message. Perhaps it helps to have a special plugin of IOProtocol for a Fritzbox ?
Best regards,
Christian
Please try the following development snapshot of IOProtocolExt. It has an option 'Enable FRITZ!Box workaround' (on the 'Advanced' tab of the connection dialog, at the very bottom); when setting it to 'Yes', IOProtocolExt prepends an asterisk to the file name. Does this work?
https://keepass.info/filepool/IOProtocolExt_180501.zip
Thanks and best regards,
Dominik
Domink - that works!! Where did you get that modified plugin from?!
Thx so much!