
Help! I've broken ftp!!!

 
Kris Spander
Advisor

Help! I've broken ftp!!!

Hello Experts,

I have been ordered to make ftp more secure. It's supposed to not show the version and issue a warning message. I have that part working but now nobody can use ftp. What did I do wrong?
Every login is invalid; I can't even run ftp as root.

TIA, Kris
Dilbert is my hero.
7 REPLIES
A. Clay Stephenson
Acclaimed Contributor
Solution

Re: Help! I've broken ftp!!!

Hi Kris:

I assume that you added an ftpaccess that looks something like this and added the -a option to ftpd in /etc/inetd.conf:

suppressversion yes
banner /etc/issue

My best guess is that you need to add a class entry to your ftpaccess file as well.

At a minimum something like:
class realusers real *

Add that and see if you can now use ftp. You may want a more restrictive addrglob than '*'.

Man ftpasccess for details.

Regards, Clay
If it ain't broke, I can fix that.
A. Clay Stephenson
Acclaimed Contributor

Re: Help! I've broken ftp!!!

Ooops, my advanced one finger hunt-and-peck typing technique failed me again. That should be "man ftpaccess for more details".

If it ain't broke, I can fix that.
Wilfred Chau_1
Respected Contributor

Re: Help! I've broken ftp!!!

Did you implement /etc/ftpd/ftpusers?
Kris Spander
Advisor

Re: Help! I've broken ftp!!!

My ftpusers is a zero length file. If I understand how it works then nobody should be excluded.
Dilbert is my hero.
A. Clay Stephenson
Acclaimed Contributor

Re: Help! I've broken ftp!!!

Wilfred makes a good point but I assumed that you had a null ftpusers file; that may have been a very silly assumption. I'm still betting on a class entry being needed. You don't even have to restart ftpd; the next session will see these new entries in ftpaccess.
If it ain't broke, I can fix that.
Kris Spander
Advisor

Re: Help! I've broken ftp!!!

Hi Clay,

That worked a treat! FTP now allows me to log in.

Thanks a bunch for the quick help.
Kris
Dilbert is my hero.
Jeff Schussele
Honored Contributor

Re: Help! I've broken ftp!!!

Hi Kris,

I agree w/Clay...especially if your ftpusers file is null.
Check /usr/newconfig/etc/ftpd/ftpaccess for the proper way to use the class statement in there. I suspect you're missing it or it's malformed.

Rgds,
Jeff
PERSEVERANCE -- Remember, whatever does not kill you only makes you stronger!
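
The failure discussed in this thread (hardening directives present in ftpaccess but no class line, so every login is refused) can be caught before users notice. The following is an added example, not code from any poster or from HP: a POSIX shell check whose function name check_ftpaccess is hypothetical, and which assumes the class syntax `class <name> <typelist> <addrglob> ...` shown in the accepted reply.

```shell
#!/bin/sh
# Added example: lint an ftpaccess file for the problem in this thread.
# check_ftpaccess FILE prints findings and returns:
#   0 = at least one class covers real users
#   1 = no usable class line (logins will be refused)
#   2 = file cannot be read
check_ftpaccess() {
    file=$1
    [ -r "$file" ] || { echo "cannot read $file"; return 2; }
    awk '
        { sub(/#.*/, "") }          # drop comments
        NF == 0 { next }            # skip blank lines
        $1 == "class" {
            if (NF < 4) {
                printf "line %d: malformed class (need name, typelist, addrglob)\n", NR
                next
            }
            n = split($3, t, ",")   # typelist is comma separated
            for (i = 1; i <= n; i++) if (t[i] == "real") real = 1
            for (i = 4; i <= NF; i++)
                if ($i == "*")
                    printf "line %d: class %s accepts any host (*)\n", NR, $2
            classes++
        }
        $1 == "suppressversion" && $2 == "yes" { sv = 1 }
        $1 == "banner" { banner = $2 }
        END {
            if (!sv) print "note: suppressversion yes is not set"
            if (banner == "") print "note: no banner directive"
            if (!classes) { print "FAIL: no valid class line; every login is refused"; exit 1 }
            if (!real) { print "FAIL: no class includes type real"; exit 1 }
            print "OK: " classes " class line(s), real users covered"
        }' "$file"
}

# Constructed sample: the two hardening lines from the thread, no class line.
demo=${TMPDIR:-/tmp}/ftpaccess_demo.$$
printf 'suppressversion yes\nbanner /etc/issue\n' > "$demo"
check_ftpaccess "$demo" || echo "exit status: $?"
rm -f "$demo"
```

Run it against the live ftpaccess after each edit; the warning about `*` corresponds to the suggestion above to use a more restrictive addrglob.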