HPE Community
Operating System - HP-UX
1834105 Members
2650 Online
110063 Solutions
New Discussion

FTP failed

 
SOLVED
Go to solution
cazxd
Advisor

‎09-15-2003 09:30 AM

‎09-15-2003 09:30 AM

FTP failed

Hello all
I can not FTP to a HP-UX11 box, even by using the root account. the message is as "connection close d by remote host"
How can I check the FTP service, and re-enable the FTP service.

Thanks

question
0 Kudos
Reply
9 REPLIES 9
Steven E. Protter
Exalted Contributor

‎09-15-2003 09:44 AM

‎09-15-2003 09:44 AM

Re: FTP failed

Many possible causes.

Networking could be down on the box you are trying to connect to. Many machines are configured to disable root ftp access because that in itself is a security hazard.

If you have access to the box via telnet/ssh/console, try this.

tail -f /var/adm/syslog/syslog.log


Then try your ftp connect.

See what shows up in the log.

Check /etc/ientd.conf on the server and make sure the ftp entry is not commmented out.

Last: restart the target box and see if it helps.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
Reply
Jeff Schussele
Honored Contributor

‎09-15-2003 09:48 AM

‎09-15-2003 09:48 AM

Re: FTP failed

Hi,

If the /etc/inetd.conf file does not show ftp commented out then check the /var/adm/inetd.sec file to see if only specific subnets or hosts are allowed or whether this specific host & it's subnet are explicitly disallowed.

HTH,
Jeff
PERSEVERANCE -- Remember, whatever does not kill you only makes you stronger!
Reply
cazxd
Advisor

‎09-15-2003 10:55 AM

‎09-15-2003 10:55 AM

Re: FTP failed

Thank you very much Jeff, Steven.
I found the Telnet/FTP configuration file
/var/adm/inetd.sec .
the content of the file is as;
telnet allow 192.168.10.*
ftp allow 192.168.1.5
Does it mean that only the orksatation/server listed there can access this HP-UX.

If I added my workstattion IP to this access list. Shall I reboot the server to make it to take effect.


Why I can use the X-windows protocol rexec to access this HP-UX through the workstation which is not in this telnet permission list.

And why there is no main configuration file /etc/ientd.conf on this HP-UX.
Is the /var/adm/inetd.sec the backup configuration file.

thanks again


question
0 Kudos
Reply
Jeff Schussele
Honored Contributor

‎09-15-2003 11:14 AM

‎09-15-2003 11:14 AM

Re: FTP failed

Hi Again,

To answer your questions:

1) Yes, you'll have to add the host OR IP OR host's subnet to the allow statement to get ftp or telnet (if not in that subnet) from that host

2) Yes

3) Probably because the X-session is using rlogin or a utility *other* than telnet and those are *not* being disallowed.

4) Steven typo'd the filename - it's /etc/inetd.conf

HTH,
Jeff
PERSEVERANCE -- Remember, whatever does not kill you only makes you stronger!
Reply
Jim Mallett
Honored Contributor

‎09-15-2003 11:17 AM

‎09-15-2003 11:17 AM

Re: FTP failed

With a change to inetd.sec you shouldn't need to reboot, or even re-read inetd.conf, the changes should be immediate.
If you would like you can run inetd -c and that will re-read your inetd.conf file, but if you haven't made any changes to it, it's not needed.

Jim

Hindsight is 20/20
0 Kudos
Reply
Jeff Schussele
Honored Contributor

‎09-15-2003 11:18 AM

‎09-15-2003 11:18 AM

Re: FTP failed

Sorry - answer to question 2 is incorrect. You do NOT need to reboot. Just alter the line in /var/adm/inetd.sec & the change is immediate.
System reads that file on *every* connection.
Any changes made to /etc/inetd.conf needs the
inetd -c
command run for changes to take effect.

HTH,
Jeff
PERSEVERANCE -- Remember, whatever does not kill you only makes you stronger!
0 Kudos
Reply
cazxd
Advisor

‎09-15-2003 12:43 PM

‎09-15-2003 12:43 PM

Re: FTP failed

I would make it clear.Is it right as,
1./etc/inetd.conf is the main Telne/ftp access list file. Any change will not take efftect, untill you reboot the server or use the command inetd -c.

2./var/adm/onetd.sec is the backup Telne/ftp access list file. it will take effect once you modify it. and telnet/ftp service will always check this file, when users try to access the HP-UX by telnet/FTP.

Thanks

Kevin
question
0 Kudos
Reply
Jim Mallett
Honored Contributor

‎09-15-2003 01:00 PM

‎09-15-2003 01:00 PM

Solution

Re: FTP failed

Caxzd,

1) /etc/inetd.conf is not used as an access file list, this defines whether the particular service is available or not. The services controlled by this file somewhat fall under the umbrella of /usr/sbin/inetd. Rather than having daemons running and waiting for each service, all services are controlled by inetd.
You are correct in that any time you change /etc/inetd.conf you need to run inetd -c.

2) /var/adm/inetd.sec This file can be thought of as the access list. You can allow/deny at many different levels (IP, host, service). Any changes made to this file take effect immediately (to subsequent connections). Meaning if you DENY host X in the inetd.sec file, but they are already connected, they will not be disconnected. They just will not be able to reconnect after logging out.

While I find a trip to the dentist more appealing than man pages, the man pages for this topic aren't that bad:
man inetd
man inetd.conf
man inetd.sec

Hope this helps...
Jim
Hindsight is 20/20
Reply
Jim Mallett
Honored Contributor

‎09-15-2003 01:01 PM

‎09-15-2003 01:01 PM

Re: FTP failed

ugh, sorry about the typo in the name.
Jim
Hindsight is 20/20
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.