System Administration
cancel
Showing results for 
Search instead for 
Did you mean: 

ftp: connect: Connection refused

Khashru
Valued Contributor

ftp: connect: Connection refused

hi i got a new hpux box with 11.31. when i am trying to ftp it is saying ftp: connect: Connection refused.

What is the workaround
21 REPLIES
James R. Ferguson
Acclaimed Contributor

Re: ftp: connect: Connection refused

Hi:

Make sure to uncomment the 'ftp' entry in '/etc/inetd.conf'. Then do:

# inetd -c

Regards!

...JRF...
Khashru
Valued Contributor

Re: ftp: connect: Connection refused

it is there.
ftp stream tcp6 nowait root /usr/lbin/ftpd ftpd -l

Sone was telliong by defauly hpux 11.31 does not have ftp istalled.
Steven Schweda
Honored Contributor

Re: ftp: connect: Connection refused

"Connection refused" normally means that you
can talk to the target system, but that
there's no FTP server running (or configured)
there.

Please show actual commands with actual
output.

grep '^ftp' /etc/inetd.conf

netstat -an | grep '*.21 '

ls -l /usr/lbin/ftpd

Around here:

dyi # grep '^ftp' /etc/inetd.conf
ftp stream tcp6 nowait root /usr/lbin/ftpd ftpd -l

The FTP server is configured.

dyi # netstat -an | grep '*.21 '
tcp 0 0 *.21 *.* LISTEN

It's listening for connections.

dyi # ls -l /usr/lbin/ftpd
-r-xr--r-- 1 bin bin 649448 Jan 12 2007 /usr/lbin/ftpd

The FTP server program exists.

> [...] when i am trying to ftp [...]

How? From where?

ftp localhost

Is there anything interesting in
"/var/adm/syslog/syslog.log"?

> # inetd -c

You did that?
Khashru
Valued Contributor

Re: ftp: connect: Connection refused

twra5000:/home/mayub :netstat -an | grep '*.21 '
tcp 0 0 *.21 *.* LISTEN
twra5000:/home/mayub :ls -l /usr/lbin/ftpd
/usr/lbin/ftpd not found
twra5000:/home/mayub :

It is saying ftpd not found.
Steven Schweda
Honored Contributor

Re: ftp: connect: Connection refused

> /usr/lbin/ftpd not found

That would explain the problem.

I don't know if it was never installed, or if
it has been removed, but it's not there, and
that is what inetd expects to run for an
incoming FTP connection.

It's been a while since I installed the OS on
my system, so I remember nothing, but I
clearly have this program where it's
expected.

dyi # uname -a
HP-UX dyi B.11.31 U ia64 4235313755 unlimited-user license
Jeeshan
Honored Contributor

Re: ftp: connect: Connection refused

Hi Khashru vai

please use tcp instead of tcp6 in /etc/inetd.conf file. then restart the daemon.
a warrior never quits
Khashru
Valued Contributor

Re: ftp: connect: Connection refused

i tried with tcp instead of tcp6. same result. Some one told me that ftp is not istalled automatically in 11.31. Do have to manually install it?

Ahsan please send me you mail address.
Steven Schweda
Honored Contributor

Re: ftp: connect: Connection refused

> please use tcp instead of tcp6 in
> /etc/inetd.conf file. then restart the
> daemon.

Do you think that this will (magically)
replace the missing file, "/usr/lbin/ftpd"?

Or do you think that that file is not needed?
Suraj K Sankari
Honored Contributor

Re: ftp: connect: Connection refused

Hi,
What is the error message you are getting if you do $ftp localhost

did you check your /etc/inetd.conf

$grep '^ftp' /etc/inetd.conf
ftp stream tcp6 nowait root /usr/lbin/ftpd ftpd -a -l

Do you have /var/adm/inetd.sec
if yes then what is the entry regarding ftp

are you getting ftp prompt ?

Suraj
Khashru
Valued Contributor

Re: ftp: connect: Connection refused

# ftp localhost
Connected to localhost.towerlife.com.au.
421 Service not available, remote server has closed connection
ftp>
Suraj K Sankari
Honored Contributor

Re: ftp: connect: Connection refused

Hi,

please give the output of
grep ftp /etc/inetd.conf
and
grep ftp /var/adm/inetd.sec

Suraj
Khashru
Valued Contributor

Re: ftp: connect: Connection refused

# grep ftp /etc/inetd.conf
ftp stream tcp6 nowait root /usr/lbin/ftpd ftpd -l
# Before uncommenting the "tftp" entry below, please make sure
# that you have a "tftp" user in /etc/passwd. If you don't
# have one, please consult the tftpd(1M) manual entry for
tftp dgram udp wait root /usr/lbin/tftpd tftpd\
# grep ftp /var/adm/inetd.sec
grep: can't open /var/adm/inetd.sec
Jeeshan
Honored Contributor

Re: ftp: connect: Connection refused

ahsanulj@gmail.com
a warrior never quits
Steven Schweda
Honored Contributor

Re: ftp: connect: Connection refused

> Sone was telliong by defauly hpux 11.31
> does not have ftp istalled.

If you spend enough time here, someone will
probably tell you almost anything.

> /usr/lbin/ftpd not found

If you decide that that's important:

http://docs.hp.com/en/5991-6460/apcs02.html
http://docs.hp.com/en/5992-4165/apds02.html

Everything I have found suggests that
HP FTP Server HPUX-FTPServer
is "installed or updated by default". You
seem to be missing some or all of it.

> [...] i got a new hpux box with 11.31 [...]

Who installed the OS? Perhaps _you_ should
do it.
Jeeshan
Honored Contributor

Re: ftp: connect: Connection refused

Khashru vai

you can check this doc

http://docs.hp.com/en/5992-4607/ch05s02.html
a warrior never quits
Suraj K Sankari
Honored Contributor

Re: ftp: connect: Connection refused

Hi,

Edit this line
ftp stream tcp6 nowait root /usr/lbin/ftpd ftpd -l
into
ftp stream tcp6 nowait root /usr/lbin/ftpd ftpd -a -l

then restart the net
inet -c

Suraj
Suraj K Sankari
Honored Contributor

Re: ftp: connect: Connection refused

Hi,

Edit this line in /etc/inetd.conf
ftp stream tcp6 nowait root /usr/lbin/ftpd ftpd -l
into
ftp stream tcp6 nowait root /usr/lbin/ftpd ftpd -a -l

then restart the net
inetd -c

Then try ftp again

Suraj
Dennis Handly
Acclaimed Contributor

Re: ftp: connect: Connection refused

>Steven: Everything I have found suggests that HPUX-FTPServer

Yes, this product contains ftpd:
HPUX-FTPServer.FTP.FTP-RUN: /usr/lbin/ftpd

For 11.23 it was:
InternetSrvcs.INETSVCS2-RUN: /usr/lbin/ftpd
Steven Schweda
Honored Contributor

Re: ftp: connect: Connection refused

> Edit this line in /etc/inetd.conf

> you can check this doc

Let's take a survey. How many people think
that this really doesn't matter:

/usr/lbin/ftpd not found

and that tweaking some configuration file
will actually help?


Buy a clue somewhere.


(Of course, I'd also expect some informative
complaints to appear in the system log file,
and we haven't been shown anything from
there.)
Darren Etheridge_2
Super Advisor

ftp: connect: Connection refused

I am having the same problem, when trying to FTP to  a HPUX 11.31 box I get connection refused.  Can someone tell me what the fix is for this please?

 

Darren

Matti_Kurkela
Honored Contributor

Re: ftp: connect: Connection refused

The inability to connect with FTP is a symptom, you'll need to identify the actual cause first.

 

  • Is the HP-UX FTP server fileset installed? (It may have been removed if your site has a strict security hardening policy.)
swinstall -l fileset | grep FTPServer

The fix for this: reinstall the HPUX-FTPServer filesets from your HP-UX installation media.

 

  •  Does the /usr/lbin/ftpd binary exist? (It may have been removed without swremoving the fileset if your site has a clumsily-applied strict security hardening policy)
ll /usr/lbin/ftpd

The fix for this: the same as the previous one.

 

  • Is inetd configured to start ftpd when someone attempts to connect? (With HP-UX 11.23 and later, non-essential services may be automatically disabled at OS installation time if you choose to use one of the Install-Time Security profiles. In 11.31, a security profile might even be applied by default unless you explicitly choose a traditional non-secured installation if I recall correctly.)
grep ^ftp /etc/inetd.conf

The fix for this: make sure ftpd is configured in inetd.conf as described earlier in this thread. Send a "kill -HUP" to inetd when you're done.

 

  • Has someone commented out or removed "ftp" from /etc/services? Editing /etc/services used to be the only way to stop the syslog daemon from accepting incoming messages from network in the HP-UX versions 10.20 and 11.00, but for some strange reason some people seem to be thinking this is the right way to disable any network service in HP-UX. (This is not true: while disabling an inetd service this way may work, it will cause inetd to emit error messages in syslog each time it starts or re-reads its configuration. Other services like sshd are not based on inetd and may or may not need /etc/services at all, so changing /etc/services may have no effect on them.)

 

  •  Is inetd running?
ps -ef |grep [i]netd

The fix for this: find out why inetd has been stopped (it may be a security policy at your site). Start inetd.

 

  • Has the connection been blocked by rules in /var/adm/inetd.sec? Read the file, and edit the rules if necessary.

 

  •  If the answers to all the previous questions has been 'yes', there might be an IPFilter configured in HP-UX, or a network firewall in between your FTP client and the HP-UX system. These can refuse the connection on behalf of the HP-UX system, so that the HP-UX never sees the incoming FTP connection.

See if you have IPFilter rules configured in /etc/opt/ipf directory, edit them and reapply if necessary (see IPFilter documentation).

 

If /etc/opt/ipf does not exist or is empty, or editing IPFilter did not solve the problem, configure inetd to log incoming connections (see "man inetd"), restart inetd, make a FTP connection attempt, and check the syslog.

 

If there is no message from inetd about an incoming FTP connection, you now know the connection attempt is not actually reaching your server at all: something else is rejecting the connection. Contact your network administrator for further troubleshooting.

 

If you see a log message from inetd, there might be some other problem that prevents inetd from starting ftpd for your incoming FTP connection. Read the next lines of syslog: there should be an error message from inetd describing the problem.

MK