I have setup lftp on Ubuntu server and I am trying to connect to an IIS FTP. On IIS it is configured with a self signed certificate and using WinSCP it connects Ok with Explicit option of SSL. But using lftp command though it connects, when I enter command cat files or get [filename] I'm getting the error 534 protection level negotiation failed
Command like cd [foldername] works ok.
I can't get what is wrong. Does lftp requires some specific option set for that case?
After experimenting with lftp I'm posting the solution using a bash script. So the bash script file contents would be
#!/bin/bash
USER='username'
PASS='password'
HOST='ftp.mydomain.com'
LOCAL_BACKUP_DIR='/backups'
REMOTE_DIR='/backupfiles'
lftp -u $USER,$PASS $HOST <<EOF
set ftp:ssl-protect-data true
set ftp:ssl-force true
set ssl:verify-certificate no
mirror -R -e "$LOCAL_BACKUP_DIR" "$REMOTE_DIR"
quit
EOF
Where changing the first part with the appropriate parameters of your ftp host, this script will take a mirror of all files in local directory to the remote one.
Since the remote host is a Windows IIS FTP Server with a self-signed certificate configured, I must note the need for the command set ssl:verify-certificate no in the script. Also though IIS/FTP user has to be entered in the form of HOST|USER e.g. ftp.mydomain.com|username, for some reason if this is set in lftp USER parameter the authentication fails. You have to ommit the HOST name and just set the username only... and that way it connects successfuly.
Thanks for posting your solution. We saw same error when trying to do a get in a program today. Using a single command line I found by using worked to get us logged in and allowed the get to work:
lftp -u $USER,$PASS -e "set ftp:ssl-protect-data true set ftp:ssl-force true set ssl:verify-certificate no" $HOST
