My website was recently migrated to a new server, and since then I haven’t been able to automatically upgrade WordPress plugins via FTP. Tonight I chased down the error. I could login via FTP from the command line, but WordPress kept telling me I had the wrong username/password. I found the error was occurring because the PHP ftp_login() method was failing, so I wrote this test.php file:
<?php
$link = ftp_ssl_connect('mydomain.ca',21);
if ( !$link )
echo 'link failed';
if ( ! ftp_login($link, 'username', 'passwd') )
echo 'username/password fail';
?>
ftp_login() would fail and raise the following warning:
Warning: ftp_login(): AUTH not understood in /home/balleyne/test.php
The failure was misleading. It wasn’t a problem with the username/password, but with SSL. Changing ftp_ssl_connect() to ftp_connect() made the connection possible. (Also, I didn’t seem to be having the error in PHP4, but I only tested from one PHP4 server). Turns out the ProFTPD server wasn’t yet configured to accept TLS/SSL connections. I used this reference to generate the keys (step 3):
# mkdir /etc/proftpd/ssl
# openssl req -new -x509 -days 365 -nodes -out /etc/proftpd/ssl/proftpd.cert.pem -keyout /etc/proftpd/ssl/proftpd.key.pem
The next step in that guide didn’t square up with the proftpd.conf files on my server though, but there was already a file /etc/proftpd/tls.conf which was all set to go. I just uncommented the settings, changing the file names as appropriate. Also, I changed ‘TLSRequired’ from on to off (since I still want to allow non-TLS connections).
The comments in that file explained that the key can’t be readable by anyone but root, so I ran the recommended command:
# chmod 0600 /etc/proftpd/ssl/proftpd.key.pem
Then, I noticed an ‘Include’ directive toward the top of /etc/proftpd.conf, so I added the following line below it:
Include /etc/proftpd/tls.conf
Then, restart ProFTPD:
# /etc/init.d/proftpd restart
Now, ftp_ssl_connect + ftp_login work fine in PHP5. WordPress = updated.
One thought on “FIXED: PHP Warning: ftp_login(): AUTH not understood”
This was just what I needed. The “Username/Password incorrect” was driving me nuts. Thanks!
I did find that I needed to make the option line say:
TLSOptions NoCertRequest NoSessionReuseRequired
If the NoSessionReuseRequired was not there, I got an “Illegal Port Command” after connecting.