Authentication failed because the remote party has closed the transport stream

[AndGutierrez]

FTP OS: Unix / Windows / Embedded
Windows

FTP Server: Pure-FTPd / DrFTPD / Vsftpd / ProFTPD / Vax / VMS / OpenVMS / Tandem / HP NonStop Guardian / IBM OS400 / AS400 / Windows CE
FileZillaServer

Computer OS: ?
Windows Server 2016

I'm using the FluentFtp v19.2.2.0 and it was working until the 13rd December. After this date, the FTPs explicit server close the connection when I upload a file or when I try to download, but the FileZilla client is working still.

The error:
"FluentFTP.FtpException: Error while uploading the file to the server. See InnerException for more info. ---> System.IO.IOException: Error de autenticación porque la parte remota cerró la secuencia de transporte."

I'm test with the FluentFtp v.28.0.5.0 and I have the same error.

Logs :

<paste logs here but DO NOT delete the lines above and below this line>
# Connect()
Status:   Connecting to 10.11.45.194:990
Response: 220-FileZilla Server 0.9.60 beta
Response: 220-written by Tim Kosse (tim.kosse@filezilla-project.org)
Response: 220 Please visit https://filezilla-project.org/
Status:   Detected FTP server: FileZilla
Command:  AUTH TLS
Response: 234 Using authentication type TLS
Status:   FTPS Authentication Successful
Status:   Time to activate encryption: 0h 0m 0s.  Total Seconds: 0,0680652.
Command:  USER FTPscanPRD01
Response: 331 Password required for ftpscanprd01
Command:  PASS ***
Response: 230 Logged on
Command:  PBSZ 0
Response: 200 PBSZ=0
Command:  PROT P
Response: 200 Protection level set to P
Command:  FEAT
Response: 211-Features:
Response: MDTM
Response: REST STREAM
Response: SIZE
Response: MLST type*;size*;modify*;
Response: MLSD
Response: AUTH SSL
Response: AUTH TLS
Response: PROT
Response: PBSZ
Response: UTF8
Response: CLNT
Response: MFMT
Response: EPSV
Response: EPRT
Response: 211 End
Status:   Text encoding: System.Text.UTF8Encoding
Command:  OPTS UTF8 ON
Response: 202 UTF8 mode is always enabled. No need to send this command.
Command:  SYST
Response: 215 UNIX emulated by FileZilla

# GetListing("TestFtp", Auto)

# GetWorkingDirectory()
Command:  PWD
Response: 257 "/" is current directory.
Command:  TYPE I
Response: 200 Type set to I

# OpenPassiveDataStream(AutoPassive, "MLSD /TestFtp", 0)
Command:  EPSV
Response: 229 Entering Extended Passive Mode (|||50004|)
Status:   Connecting to 10.11.45.194:50004
Command:  MLSD /TestFtp
Response: 150 Opening data channel for directory listing of "/TestFtp"

# UploadFile("C:\Abast\TestFtp\Send\prueba.txt", "TestFtp/prueba.txt", NoCheck, False, None)

# OpenWrite("TestFtp/prueba.txt", Binary)
Status:   There is stale data on the socket, maybe our connection timed out or you did not call GetReply(). Re-connecting...
Status:   Disposing FtpSocketStream...

# Connect()
Status:   Connecting to 10.11.45.194:990
Response: 220-FileZilla Server 0.9.60 beta
Response: 220-written by Tim Kosse (tim.kosse@filezilla-project.org)
Response: 220 Please visit https://filezilla-project.org/
Status:   Detected FTP server: FileZilla
Command:  AUTH TLS
Response: 234 Using authentication type TLS
Status:   FTPS Authentication Successful
Status:   Time to activate encryption: 0h 0m 0s.  Total Seconds: 0,0490301.
Command:  USER FTPscanPRD01
Response: 331 Password required for ftpscanprd01
Command:  PASS ***
Response: 230 Logged on
Command:  PBSZ 0
Response: 200 PBSZ=0
Command:  PROT P
Response: 200 Protection level set to P
Command:  FEAT
Response: 211-Features:
Response: MDTM
Response: REST STREAM
Response: SIZE
Response: MLST type*;size*;modify*;
Response: MLSD
Response: AUTH SSL
Response: AUTH TLS
Response: PROT
Response: PBSZ
Response: UTF8
Response: CLNT
Response: MFMT
Response: EPSV
Response: EPRT
Response: 211 End
Status:   Text encoding: System.Text.UTF8Encoding
Command:  OPTS UTF8 ON
Response: 202 UTF8 mode is always enabled. No need to send this command.
Command:  SYST
Response: 215 UNIX emulated by FileZilla
Command:  TYPE I
Response: 200 Type set to I

# OpenPassiveDataStream(AutoPassive, "STOR TestFtp/prueba.txt", 0)
Command:  EPSV
Response: 229 Entering Extended Passive Mode (|||50001|)
Status:   Connecting to 10.11.45.194:50001
Command:  STOR TestFtp/prueba.txt
Response: 150 Opening data channel for file upload to server of "/TestFtp/prueba.txt"
Status:   There is stale data on the socket, maybe our connection timed out or you did not call GetReply(). Re-connecting...
Status:   Disposing FtpSocketStream...
Status:   Not sending QUIT because the connection has already been closed.
Status:   Disposing FtpSocketStream...

# Dispose()
Status:   Disposing FtpClient object...
Status:   Disposing FtpSocketStream...
Status:   Disposing FtpSocketStream...
Status:   Disposing FtpSocketStream...```

[Yaagod]

I think it's probably a problem on TLS session resumption with FileZilla Server and .NET (probably by some system update).
Try uncheck this on FileZilla Server: https://prnt.sc/qewsjc. This will probably solve. But:

"Not requiring session resumption allows session stealing attacks. The problem with FTP is that the data connection does not authenticate the client: Imagine you a want to upload a new version of your website. To initiate the transfer your client sends the PASV command followed by the STOR command. The server opens a port and waits for the client to connect to it and upload the file. Now an attacker comes along and figures out the port the server listens on. He connects to the port before you can and uploads a piece of malware to your website." (https://forum.filezilla-project.org/viewtopic.php?t=36903)

FileZilla people will probably solve this problem with a rewrite of the server which will be using GnuTLS
Learn a discussion about this problem here: https://forum.filezilla-project.org/viewtopic.php?t=51601

[robinrodricks]

#311

#335

#26

[AndGutierrez]

Hi Robinicks, Thanks for your help; I read all the threats and the solution pass to disable resumption sessions on a FileZilla Server; but this server is inaccessible by us because it is maintained for another company and we can't changed this settings. Of course we unknown if sure that the Ftp Server was upgraded with one of this Kb's or not. We use Net Framework 4.6.2 and we need a solution in the client side application. It's possible?? El mar., 24 dic. 2019 10:52, Robinicks <notifications@github.com> escribió:

…

#311 <#311> #335 <#335> #26 <#26> — You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub <#500?email_source=notifications&email_token=ABPB7WUUGJ3JCVSUXSEMJJDQ2HLURA5CNFSM4J552CD2YY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOEHS5K4Y#issuecomment-568710515>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/ABPB7WWUSIU256JZWYRZXQTQ2HLURANCNFSM4J552CDQ> .

[tonyb-mwp]

I also have recently been affected by this issue System.IO.IOException: Authentication failed because the remote party has closed the transport stream on Connect().
I don't have details on or control of the FTP server.
Client details: Windows Server 2012, .NET v4.5.2, FluentFTP v16.2.1.

[robinrodricks]

@AndGutierrez Its a highly technical problem. I'm sorry I cannot help. Perhaps you can check the other threads I linked to. Try disabling SSL and just use plain FTP and see if it works.