Analyzing FTP sniff-file error messages
Open the text file you saved and look for the SUCCESS or FAILED message. The error code or point of failure is shown above FAILURE message. For example, in Basic FTP missing directory error: the following error code is shown on the lines preceding FAILED:
ftp rx: 550 Directory not found
In SFTP incompatible host encryption keys error: you see the following error code on the lines before the FAILED message:
-5 – Unable to exchange encryption keys
Other SFTP error codes could include messages similar to the following:
-18 - Authentication failed (username/password)
Authentication by password failed -18.
Use the following tables to help interpret error messages.
|
FTP Error codes |
|
|---|---|
|
Code |
Description |
|
331 |
User name okay, need password. |
|
332 |
Need account for login. |
|
350 |
Requested file action pending further information. |
|
421 |
Service not available, closing control connection. This may be a reply to any command if the service knows it must shut down. |
|
425 |
Cannot open data connection. Try changing from PASV to PORT mode. |
|
426 |
Connection closed; transfer aborted. |
|
450 |
Requested file action not taken. File unavailable (e.g., file busy). |
|
451 |
Requested action aborted: local error in processing. |
|
452 |
Requested action not taken. Insufficient storage space in system. |
|
501 |
Syntax error in parameters or arguments. |
|
502 |
Command not implemented. (The server does not support the FTP command you are using) |
|
503 |
Bad sequence of commands. |
|
504 |
Command not implemented for that parameter. |
|
530 |
Not logged in. Your password is being rejected, contact the server administrator. |
|
532 |
Need account for storing files. |
|
550 |
Requested action not taken. File unavailable (e.g., file or directory not found, or no access). Contact the server administrator. |
|
552 |
Requested file action aborted. Exceeded storage allocation (for current directory or data set). Contact the server administrator. |
|
553 |
Requested action not taken. File name not allowed. Try changing the file name, or getting rid of spaces in the file name. |
|
SFTP Error codes |
|
|---|---|
|
Code |
Description |
|
-2 |
ERROR_BANNER_RECV |
|
-3 |
ERROR_BANNER_SEND |
|
-4 |
ERROR_INVALID_MAC |
|
-5 |
ERROR_KEX_FAILURE – likely a host key incompatibility. |
|
-6 |
ERROR_ALLOC |
|
-7 |
ERROR_SOCKET_SEND |
|
-8 |
ERROR_KEY_EXCHANGE_FAILURE |
|
-9 |
ERROR_TIMEOUT |
|
-10 |
ERROR_HOSTKEY_INIT |
|
-11 |
ERROR_HOSTKEY_SIGN |
|
-12 |
ERROR_DECRYPT |
|
-13 |
ERROR_SOCKET_DISCONNECT |
|
-14 |
ERROR_PROTO |
|
-15 |
ERROR_PASSWORD_EXPIRED |
|
-16 |
ERROR_FILE |
|
-17 |
ERROR_METHOD_NONE |
|
-18 |
ERROR_AUTHENTICATION_FAILED |
|
|
ERROR_PUBLICKEY_UNRECOGNIZED |
|
|
ERROR_AUTHENTICATION_FAILED |
|
|
ERROR_AUTHENTICATION_FAILED (username/password) – data logger does not have valid keys for key authentication (which may be ok if you want to use username/password) and logger is not using correct username and password for username/password method. |
|
-19 |
ERROR_PUBLICKEY_UNVERIFIED – this error will not be able to show up on our loggers. |
|
-20 |
ERROR_CHANNEL_OUTOFORDER |
|
-21 |
ERROR_CHANNEL_FAILURE |
|
-22 |
ERROR_CHANNEL_REQUEST_DENIED |
|
-23 |
ERROR_CHANNEL_UNKNOWN |
|
-24 |
ERROR_CHANNEL_WINDOW_EXCEEDED |
|
-25 |
ERROR_CHANNEL_PACKET_EXCEEDED |
|
-26 |
ERROR_CHANNEL_CLOSED |
|
-27 |
ERROR_CHANNEL_EOF_SENT |
|
-28 |
ERROR_SCP_PROTOCOL |
|
-29 |
ERROR_ZLIB |
|
-30 |
ERROR_SOCKET_TIMEOUT |
|
-31 |
ERROR_SFTP_PROTOCOL |
|
-32 |
ERROR_REQUEST_DENIED |
|
-33 |
ERROR_METHOD_NOT_SUPPORTED |
|
-34 |
ERROR_INVAL |
|
-35 |
ERROR_INVALID_POLL_TYPE |
|
-36 |
ERROR_PUBLICKEY_PROTOCOL |
|
-37 |
ERROR_EAGAIN |
|
-38 |
ERROR_BUFFER_TOO_SMALL |
|
-39 |
ERROR_BAD_USE |
|
-40 |
ERROR_COMPRESS |
|
-41 |
ERROR_OUT_OF_BOUNDARY |
|
-42 |
ERROR_AGENT_PROTOCOL |
|
-43 |
ERROR_SOCKET_RECV |
|
-44 |
ERROR_ENCRYPT |
|
-45 |
ERROR_BAD_SOCKET |
|
-46 |
ERROR_KNOWN_HOSTS |
|
FTPS (TLS) errors |
|
|---|---|
|
Code |
Description |
| 0x1080 | PEM - No PEM header or footer found |
| 0x1100 | PEM - PEM string is not as expected |
| 0x1180 | PEM - Failed to allocate memory |
| 0x1200 | PEM - RSA IV is not in hex-format |
| 0x1280 | PEM - Unsupported key encryption algorithm |
| 0x1300 | PEM - Private key password cannot be empty |
| 0x1380 | PEM - Given private key password does not allow for correct decryption |
| 0x1400 | PEM - Unavailable feature, such as hashing/encryption combination |
| 0x1480 | PEM - Bad input parameters to function |
| 0x1E00 | PKCS12 - Given private key password does not allow for correct decryption |
| 0x1E80 | PKCS12 - PBE ASN.1 data not as expected |
| 0x1F00 | PKCS12 - Feature not available, such as unsupported encryption scheme |
| 0x1F80 | PKCS12 - Bad input parameters to function |
| 0x2080 | X509 - Unavailable feature, such as RSA hashing/encryption combination |
| 0x2100 | X509 - Requested OID is unknown |
| 0x2180 | X509 - The CRT/CRL/CSR format is invalid, different type expected |
| 0x2200 | X509 - The CRT/CRL/CSR version element is invalid |
| 0x2280 | X509 - The serial tag or value is invalid |
| 0x2300 | X509 - The algorithm tag or value is invalid |
| 0x2380 | X509 - The name tag or value is invalid |
| 0x2400 | X509 - The date tag or value is invalid |
| 0x2480 | X509 - The signature tag or value invalid |
| 0x2500 | X509 - The extension tag or value is invalid |
| 0x2580 | X509 - CRT/CRL/CSR has an unsupported version number |
| 0x2600 | X509 - Signature algorithm (oid) is unsupported |
| 0x2680 | X509 - Signature algorithms do not match. (see \\c ::mbedtls_x509_crt sig_oid) |
| 0x2700 | X509 - Certificate verification failed, for example CRL, CA or signature check failed |
| 0x2780 | X509 - Format not recognized as DER or PEM |
| 0x2800 | X509 - Input invalid |
| 0x2880 | X509 - Allocation of memory failed |
| 0x2900 | X509 - Read/write of file failed |
| 0x2980 | X509 - Destination buffer is too small |
| 0x2e00 | PKCS5 - Given private key password does not allow for correct decryption |
| 0x2e80 | PKCS5 - Requested encryption or digest alg not available |
| 0x2f00 | PKCS5 - Unexpected ASN.1 data |
| 0x2f80 | PKCS5 - Bad input parameters to function |
| 0x3000 | X509 - A fatal error occurred, for example, the chain is too long or the verify callback failed |
| 0x3080 | DHM - Bad input parameters |
| 0x3100 | DHM - Reading of the DHM parameters failed |
| 0x3180 | DHM - Making of the DHM parameters failed |
| 0x3200 | DHM - Reading of the public values failed |
| 0x3280 | DHM - Making of the public value failed |
| 0x3300 | DHM - Calculation of the DHM secret failed |
| 0x3380 | DHM - The ASN.1 data is not formatted correctly |
| 0x3400 | DHM - Allocation of memory failed |
| 0x3480 | DHM - Read or write of file failed |
| 0x3500 | DHM - DHM hardware accelerator failed |
| 0x3580 | DHM - Setting the modulus and generator failed |
| 0x3880 | PK - PK hardware accelerator failed |
| 0x3900 | PK - The buffer contains a valid signature followed by more data |
| 0x3980 | PK - Unavailable feature, for example, RSA disabled for RSA key |
| 0x3A00 | PK - Elliptic curve is unsupported (only NIST curves are supported) |
| 0x3A80 | PK - The algorithm tag or value is invalid |
| 0x3B00 | PK - The pubkey tag or value is invalid (only RSA and EC are supported) |
| 0x3B80 | PK - Given private key password does not allow for correct decryption |
| 0x3C00 | PK - Private key password cannot be empty |
| 0x3C80 | PK - Key algorithm is unsupported (only RSA and EC are supported) |
| 0x3D00 | PK - Invalid key tag or value |
| 0x3D80 | PK - Unsupported key version |
| 0x3E00 | PK - Read/write of file failed |
| 0x3E80 | PK - Bad input parameters to function |
| 0x3F00 | PK - Type mismatch, for example, attempt to encrypt with an ECDSA key |
| 0x3F80 | PK - Memory allocation failed |
| 0x4080 | RSA - Bad input parameters to function |
| 0x4100 | RSA - Input data contains invalid padding and is rejected |
| 0x4180 | RSA - Something failed during generation of a key |
| 0x4200 | RSA - Key failed to pass the validity check of the library |
| 0x4280 | RSA - The public key operation failed |
| 0x4300 | RSA - The private key operation failed |
| 0x4380 | RSA - The PKCS#1 verification failed |
| 0x4400 | RSA - The output buffer for decryption is not large enough |
| 0x4480 | RSA - The random generator failed to generate non-zeros |
| 0x4500 | RSA - The implementation does not offer the requested operation, for example, because of security violations or lack of functionality |
| 0x4580 | RSA - RSA hardware accelerator failed |
| 0x4B00 | ECP - Operation in progress, call again with the same parameters to continue |
| 0x4B80 | ECP - The ECP hardware accelerator failed |
| 0x4C00 | ECP - The buffer contains a valid signature followed by more data |
| 0x4C80 | ECP - Invalid private or public key |
| 0x4D00 | ECP - Generation of random value, such as ephemeral key, failed |
| 0x4D80 | ECP - Memory allocation failed |
| 0x4E00 | ECP - The signature is not valid |
| 0x4E80 | ECP - The requested feature is not available, for example, the requested curve is not supported |
| 0x4F00 | ECP - The buffer is too small to write to |
| 0x4F80 | ECP - Bad input parameters to function |
| 0x5080 | MD - The selected feature is not available |
| 0x5100 | MD - Bad input parameters to function |
| 0x5180 | MD - Failed to allocate memory |
| 0x5200 | MD - Opening or reading of file failed |
| 0x5280 | MD - MD hardware accelerator failed |
| 0x6080 | CIPHER - The selected feature is not available |
| 0x6100 | CIPHER - Bad input parameters |
| 0x6180 | CIPHER - Failed to allocate memory |
| 0x6200 | CIPHER - Input data contains invalid padding and is rejected |
| 0x6280 | CIPHER - Decryption of block requires a full block |
| 0x6300 | CIPHER - Authentication failed (for AEAD modes) |
| 0x6380 | CIPHER - The context is invalid. For example, because it was freed |
| 0x6400 | CIPHER - Cipher hardware accelerator failed |
| 0x6480 | SSL - Internal-only message signaling that a message arrived early |
| 0x6500 | SSL - The asynchronous operation is not completed yet |
| 0x6580 | SSL - Internal-only message signaling that further message-processing should be done |
| 0x6600 | SSL – Could not set the hash for verifying CertificateVerify |
| 0x6680 | SSL - The alert message received indicates a non-fatal error |
| 0x6700 | SSL - Record header looks valid but is not expected |
| 0x6780 | SSL - The client initiated a reconnect from the same port |
| 0x6800 | SSL - The operation timed out |
| 0x6880 | SSL - Connection requires a write call |
| 0x6900 | SSL - No data of requested type currently available on underlying transport |
| 0x6980 | SSL - None of the common ciphersuites is usable (for example, no suitable certificate, see debug messages) |
| 0x6A00 | SSL - A buffer is too small to receive or write a message |
| 0x6A80 | SSL - DTLS client must retry for hello verification |
| 0x6B00 | SSL - Unexpected message at ServerHello in renegotiation |
| 0x6B80 | SSL - A counter would wrap (for example, too many messages exchanged) |
| 0x6C00 | SSL - Internal error (for example, unexpected failure in lower-level module) |
| 0x6C80 | SSL - Unknown identity received (for example, PSK identity) |
| 0x6D00 | SSL - Public key type mismatch (for example, asked for RSA key exchange and presented EC key) |
| 0x6D80 | SSL - Session ticket has expired |
| 0x6E00 | SSL - Processing of the NewSessionTicket handshake message failed |
| 0x6E80 | SSL - Handshake protocol not within min/max boundaries |
| 0x6F00 | SSL - Processing of the compression / decompression failed |
| 0x6F80 | SSL - Hardware acceleration function skipped / left alone data |
| 0x7000 | SSL - A cryptographic operation is in progress. Try again later |
| 0x7080 | SSL - The requested feature is not available |
| 0x7100 | SSL - Bad input parameters to function |
| 0x7180 | SSL - Verification of the message MAC failed |
| 0x7200 | SSL - An invalid SSL record was received |
| 0x7280 | SSL - The connection indicated an EOF |
| 0x7300 | SSL - An unknown cipher was received |
| 0x7380 | SSL - The server has no ciphersuites in common with the client |
| 0x7400 | SSL - No RNG was provided to the SSL module |
| 0x7480 | SSL - No client certification received from the client, but required by the authentication mode |
| 0x7500 | SSL - Our own certificate(s) is/are too large to send in an SSL message |
| 0x7580 | SSL - The own certificate is not set, but needed by the server |
| 0x7600 | SSL - The own private key or pre-shared key is not set, but needed |
| 0x7680 | SSL - No CA Chain is set, but required to operate |
| 0x7700 | SSL - An unexpected message was received from our peer |
| 0x7780 | SSL - A fatal alert message was received from our peer |
| 0x7800 | SSL - Verification of our peer failed |
| 0x7880 | SSL - The peer notified us that the connection is going to be closed |
| 0x7900 | SSL - Processing of the ClientHello handshake message failed |
| 0x7980 | SSL - Processing of the ServerHello handshake message failed |
| 0x7A00 | SSL - Processing of the Certificate handshake message failed |
| 0x7A80 | SSL - Processing of the CertificateRequest handshake message failed |
| 0x7B00 | SSL - Processing of the ServerKeyExchange handshake message failed |
| 0x7B80 | SSL - Processing of the ServerHelloDone handshake message failed |
| 0x7C00 | SSL - Processing of the ClientKeyExchange handshake message failed |
| 0x7C80 | SSL - Processing of the ClientKeyExchange handshake message failed in DHM / ECDH Read Public |
| 0x7D00 | SSL - Processing of the ClientKeyExchange handshake message failed in DHM / ECDH Calculate Secret |
| 0x7D80 | SSL - Processing of the CertificateVerify handshake message failed |
| 0x7E00 | SSL - Processing of the ChangeCipherSpec handshake message failed |
| 0x7E80 | SSL - Processing of the Finished handshake message failed |
| 0x7F00 | SSL - Memory allocation failed |
| 0x7F80 | SSL - Hardware acceleration function returned with error |