ict.fys Posted November 27, 2017 Report Share Posted November 27, 2017 Does "Resident agent" have support for SFTP (SSH File Transfer Protocol)? I entered URL like my.server.net:22/remote_dir/, but nothing gets uploaded. (/debug gives no further info) FTP works fine. Quote Link to comment
Alex Posted November 27, 2017 Report Share Posted November 27, 2017 Hello, SFTP is not supported in the current TNI version. Thanks for the idea. Your request was forwarded to our development team. Quote Link to comment
ict.fys Posted November 27, 2017 Author Report Share Posted November 27, 2017 I would also be nice to have an option to set a random delay for the scan schedule. If all clients connect simultaneously at the exact same time to upload their inventory file, this could cause a problem with max. remote logins. Quote Link to comment
Alex Posted November 27, 2017 Report Share Posted November 27, 2017 You are right. We’ll consider adding such an option in the future. Quote Link to comment
ict.fys Posted February 21, 2018 Author Report Share Posted February 21, 2018 In the meantime, I am trying to use FTPS but cannot get it to work either. tniwinagent.log 2018.02.21 16:40:10.183 [iNFO] Starting service... 2018.02.21 16:40:10.183 [iNFO] Notification successful 2018.02.21 16:40:10.183 [iNFO] Resident mode 2018.02.21 16:40:10.186 [iNFO] {9E4A6CAF-1C8C-4B5C-83FD-088DD9D605A4}=weekly|1|201802211130|1|0010010||||189912300000|189912300000|0|0 2018.02.21 16:40:10.187 [iNFO] Starting local scan... 2018.02.21 16:40:10.187 [iNFO] Make local scan 2018.02.21 16:40:25.749 [iNFO] Scan finished 2018.02.21 16:40:25.763 [ERROR] Login error: check the send settings and network settings ftp://ftp.server.net/dir WORKS ftp://ftp.server.net:21/dir WORKS ftp://ftp.server.net:990/dir FAILS ftps://ftp.server.net:990/dir FAILS I can connect using Filezilla on port 990 and setting 'encryption' to 'Require explicit FTP over TLS'. I tried another server aswell that has TLS default on port 21, but same error. Quote Link to comment
ict.fys Posted February 22, 2018 Author Report Share Posted February 22, 2018 Also the update URL does not handle https it seems. https://www.server.net/update/tniwinagent.ini 2018.02.22 11:35:02.011 [ERROR] Scheduler: download failed: 500 -> works fine using wget in linux (HTTP request sent, awaiting response... 200 OK) http://www.server.net/update/tniwinagent.ini 2018.02.22 11:32:02.031 [ERROR] Scheduler: download failed: 301 Moved Permanently --> redirect to https is not handled Quote Link to comment
Alex Posted February 27, 2018 Report Share Posted February 27, 2018 Hello!>ftps://ftp.server.net:990/dirThis option should be working just fine for explicit FTP over TLS. > I tried another server aswell that has TLS default on port 21, but same error.Using the default port 21 for Explicit mode is the best option and should be working too. In any case the communication schema must be as follows:• Client connects to the server.• Client explicitly requests TLS/SSL encryption to be switched on.• Client talks to the server using an encrypted channel. By the way, can you please confirm that you’ve placed both DLLs (libeay32.dll and ssleay32.dll) next to the agent file? Quote Link to comment
Alex Posted February 27, 2018 Report Share Posted February 27, 2018 >Also the update URL does not handle https it seems.You are right. We've passed this information to the development team. Quote Link to comment
ict.fys Posted February 28, 2018 Author Report Share Posted February 28, 2018 Both .dll files are in the same directory. I also tried copying them to the Windows system folder and tried latest versions, both 64 an 32-bit files from http://indy.fulgan.com/SSL/ I'm using windows 10 and start the agent as admin with command "tniwinagent.exe /install /start /testrun" and before exporting new test settings "tniwinagent.exe /uninstall". I've now setup my own vsftpd test server with TLS enabled and I get the same error "[ERROR] Error sending data: check the send settings and network settings" This is the server log: Feb 28 12:09:21 dhcp-10-33-62-66 vsftpd[27071]: CONNECT: Client "10.33.62.74" Feb 28 12:09:21 dhcp-10-33-62-66 vsftpd[27071]: FTP response: Client "10.33.62.74", "220 test FTP server" Feb 28 12:09:21 dhcp-10-33-62-66 vsftpd[27071]: FTP command: Client "10.33.62.74", "AUTH TLS" Feb 28 12:09:21 dhcp-10-33-62-66 vsftpd[27071]: FTP response: Client "10.33.62.74", "234 Proceed with negotiation." Feb 28 12:09:21 dhcp-10-33-62-66 vsftpd[27071]: "" from "10.33.62.74": error:00000000:lib(0):func(0):reason(0) This is the server log connecting with Filezilla client with exact same settings: Feb 28 12:11:29 dhcp-10-33-62-66 vsftpd[27654]: CONNECT: Client "10.33.62.74" Feb 28 12:11:29 dhcp-10-33-62-66 vsftpd[27654]: FTP response: Client "10.33.62.74", "220 test FTP server" Feb 28 12:11:29 dhcp-10-33-62-66 vsftpd[27654]: FTP command: Client "10.33.62.74", "AUTH TLS" Feb 28 12:11:29 dhcp-10-33-62-66 vsftpd[27654]: FTP response: Client "10.33.62.74", "234 Proceed with negotiation." Feb 28 12:11:29 dhcp-10-33-62-66 vsftpd[27654]: FTP command: Client "10.33.62.74", "USER test" Feb 28 12:11:29 dhcp-10-33-62-66 vsftpd[27654]: [test] FTP response: Client "10.33.62.74", "331 Please specify the password." Feb 28 12:11:29 dhcp-10-33-62-66 vsftpd[27654]: [test] FTP command: Client "10.33.62.74", "PASS <password>" Feb 28 12:11:29 dhcp-10-33-62-66 vsftpd[27653]: [test] OK LOGIN: Client "10.33.62.74" Feb 28 12:11:29 dhcp-10-33-62-66 vsftpd[27655]: [test] FTP response: Client "10.33.62.74", "230 Login successful." Feb 28 12:11:29 dhcp-10-33-62-66 vsftpd[27655]: [test] FTP command: Client "10.33.62.74", "OPTS UTF8 ON" Feb 28 12:11:29 dhcp-10-33-62-66 vsftpd[27655]: [test] FTP response: Client "10.33.62.74", "200 Always in UTF8 mode." Feb 28 12:11:29 dhcp-10-33-62-66 vsftpd[27655]: [test] FTP command: Client "10.33.62.74", "PBSZ 0" Feb 28 12:11:29 dhcp-10-33-62-66 vsftpd[27655]: [test] FTP response: Client "10.33.62.74", "200 PBSZ set to 0." Feb 28 12:11:29 dhcp-10-33-62-66 vsftpd[27655]: [test] FTP command: Client "10.33.62.74", "PROT P" Feb 28 12:11:29 dhcp-10-33-62-66 vsftpd[27655]: [test] FTP response: Client "10.33.62.74", "200 PROT now Private." Feb 28 12:11:29 dhcp-10-33-62-66 vsftpd[27655]: [test] FTP command: Client "10.33.62.74", "PWD" Feb 28 12:11:29 dhcp-10-33-62-66 vsftpd[27655]: [test] FTP response: Client "10.33.62.74", "257 "/srv/ftp"" Feb 28 12:11:29 dhcp-10-33-62-66 vsftpd[27655]: [test] FTP command: Client "10.33.62.74", "TYPE I" Feb 28 12:11:29 dhcp-10-33-62-66 vsftpd[27655]: [test] FTP response: Client "10.33.62.74", "200 Switching to Binary mode." Feb 28 12:11:29 dhcp-10-33-62-66 vsftpd[27655]: [test] FTP command: Client "10.33.62.74", "PASV" Feb 28 12:11:29 dhcp-10-33-62-66 vsftpd[27655]: [test] FTP response: Client "10.33.62.74", "227 Entering Passive Mode (10,33,62,66,117,84)." Feb 28 12:11:29 dhcp-10-33-62-66 vsftpd[27655]: [test] FTP command: Client "10.33.62.74", "LIST" Feb 28 12:11:29 dhcp-10-33-62-66 vsftpd[27655]: [test] FTP response: Client "10.33.62.74", "150 Here comes the directory listing." Feb 28 12:11:29 dhcp-10-33-62-66 vsftpd[27655]: [test] FTP response: Client "10.33.62.74", "226 Directory send OK." This is my config file: [ResidentAgent] version=18.02.16.0 config-timestamp=20180228121217.956000+060 [schedules] [sendDataSettings] method=smFTP save-sent-data=0 URL=ftps://10.33.62.66 Login=test Password=04000000C4F02FB5E2795EE06280481972597009 Timeout=30000 UseFW=0 UseProxy=0 Quote Link to comment
Alex Posted March 1, 2018 Report Share Posted March 1, 2018 That's strange. Everything should be working just fine with these settings. We'll try to reproduce this problem in our environment. Quote Link to comment
Alex Posted April 2, 2018 Report Share Posted April 2, 2018 Hello! This problem has been fixed in the latest TNI version (3.5.0.2605). Please update your TNI and let us know the result. Quote Link to comment
ict.fys Posted April 3, 2018 Author Report Share Posted April 3, 2018 No it does not work. I updated to 3.5.0.2605, but the resident agent files (tniwinagent.exe, libeay32.dll, ssleay32.dll) are not different from the previous version. Quote Link to comment
Alex Posted April 4, 2018 Report Share Posted April 4, 2018 Oh, I am sorry. This fix has been implemented in the new version that we released a few moments ago. Please reload the installer once again. The agent file will be updated in this version. Quote Link to comment
ict.fys Posted April 4, 2018 Author Report Share Posted April 4, 2018 Thanks, FTPS works and update-url supports https. Quote Link to comment
Alex Posted April 4, 2018 Report Share Posted April 4, 2018 Great! Thanks for your feedback! Quote Link to comment
ict.fys Posted April 22, 2020 Author Report Share Posted April 22, 2020 On 11/27/2017 at 4:24 PM, ict.fys said: I would also be nice to have an option to set a random delay for the scan schedule. If all clients connect simultaneously at the exact same time to upload their inventory file, this could cause a problem with max. remote logins. On 11/27/2017 at 5:09 PM, Alex said: You are right. We’ll consider adding such an option in the future. Any updates on this? We are almost getting to the limit of our max simultaneous server connections. Still on version 3.7, this would be a reason to buy an upgrade for us. Quote Link to comment
Alex Posted April 22, 2020 Report Share Posted April 22, 2020 Hello, Thanks for your message. Unfortunately, we have not yet implemented this functionality. We did implement a small time randomization for the agent when it contacts the updates server. Random delay for the scan schedule is still on our to-do list. Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.