Re: ftp: error 530 user <username> access denied

Louis Ingalls · ‎03-28-2001

I am not the Unix admin here at PPD but an Oracle DBA. One message in the knowledge base had to do with this same problem I'm having but it applied to 10.2 and we are running 11.0 I checked for the /etc/shells files as instructed but there is no /etc/shells file. I am not trying to allow anonymous FTP which the article seemed to address.

On one database server the userid "oracle" can successfully use FTP but whan I asked the admin to add another user he did not know how. We recently installed another database server and tried to FTP using the "oracle" account and got error listed above?

I have looked at the FTPD man pages and it seems only to address how to deny FTP access or allow anonymous FTP which I am not trying to do.

Any help would be greatly appreciated.

Vincenzo Restuccia · ‎03-28-2001

You can see /var/adm/inetd.sec

Berlene Herren · ‎03-28-2001

The 530 error is generally caused by a lack of the /etc/shells file, which you create.

Telnet into the server and type
#env
This will tell you the shell the server is trying to use when accessing via ftp.

See man page on getusershell for list of shells to add, or add the one that env is displaying.

Berlene

http://www.mindspring.com/~bkherren/dobes/index.htm

Marcel Boon · ‎03-28-2001

Hi,

Which shell do you use ? (vipw /etc/passwd)
This could be the problem, is these shell configured in the /etc/shells ?

Marcel

See the man pages

Edward Sedgemore · ‎03-28-2001

We have an 11 ftp server which is secure and we do not need /etc/shells for ftp access.

ftp is pretty straightforward to setup on 11, even if the ftp server is a secure server, as one of ours is.

1. Ensure the ftp account you are using can login normally to the ftp server using telnet. This confirms passwd entry is correct (login/pwd/shell etc.)

2. Now ensure the ftpd daemon is activated on the ftp server by looking for the following line in /etc/inetd.conf

ftp stream tcp nowait root /usr/lbin/ftpd ftpd -v -L

(ensure its uncommented).

3. Now test doing an ftp to the server using the login and password you just tested. Does it work ? If not check the /var/adm/syslog/syslog.log file on the ftp server for further info on why it failed.

Mark Mitchell · ‎03-28-2001

Your administrator would need to add your user id to the ftpusers file.

Steven Sim Kok Leong · ‎03-28-2001

Hi,

Check your /etc/shells as indicated. to verify, once you logged onto the server as the userid (who failed to ftp), run the following to populate your /etc/shells (I understand that your /etc/shells is empty):

# echo `grep "$LOGNAME:" /etc/passwd|awk -F: '{print $7}'` > /etc/shells

Hope this helps. Regards.

Steven Sim Kok Leong
Brainbench MVP for Unix Admin
http://www.brainbench.com

Joseph C. Denman · ‎03-28-2001

Mark is incorrect. ftpusers is used to deny users. Do not add your user to this file.

???You SA did not know how to add a user??? Need new SA!!

I agree as above, add your shell to the /etc/shells file. Ensure ftpd daemon is running (ps -ef | grep ftpd).

...jcd...

If I had only read the instructions first??

Shannon Petry · ‎03-28-2001

I have seen this error lots as well. Out of curiosity, what kind of UNIX admin does not know how to add a user?

I have a on-line FTP FAQ which addresses most issues for standard and wu-ftp. In 11.X you may have either. The on-line FAQ can be found at "http://www.invenioeng.com/systems/ftpd_faq.html"

Someone else mentioned that they dont have to create /etc/shells and it works has a small flaw in logic.
HP's standard FTPD (Ft. Knox) uses system default shells of "/usr/sbin/csh, /usr/sbin/sh, /usr/sbin/ksh, /sbin/sh" only. If a lazy admin types in /bin/sh as a log in shell, then that person will be denied access.

You can follow the recommendation of populating /etc/shells by parsing the /etc/passwd file, but I would not recommend this as you may have anonymous access accidentally available. If your admin can't add a user then God only knows what may be screwed up on that system........

Regards,
Shannon

Microsoft. When do you want a virus today?

Steven Sim Kok Leong · ‎03-28-2001

Hi,

Current FTPD implementations on HP-UX make use of WU-FTPD, alike that used in RedHat Linux.

By default in HP-UX, anonymous FTP access is not allowed. Unlike in RedHat Linux where there exists an ftp account for anonymous ftp, there is no ftp account residing in HP-UX, which is the default.

For the ftp account in RedHat Linux, notice in the /etc/passwd that it does not come with any login shell. If this ftp account is commented out from /etc/passwd, anonymous ftp will no longer work ie. no password (including any email addresses) would be valid for anonymous.

If anonymous ftp has been configured in your HP-UX system, since it does not have a login shell, entries in /etc/shells would not affect it.

Hope this helps. Regards.

Steven Sim Kok Leong
Brainbench MVP for Unix Admin
http://www.brainbench.com

Categories

Company

Local Language

Forums

Discussions

Forums

Discussions

Discussions

Forums

Discussions

Forums

Discussions

Forums

Forums

Discussions

Forums

Discussions

Forums

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Community

Resources

Other HPE Sites

Discussions

Forums

Blogs

Re: ftp: error 530 user <username> access denied

ftp: error 530 user <username> access denied