HPE Community
Operating System - HP-UX
1827218 Members
2144 Online
109716 Solutions
New Discussion

login error ftp

 
Jose Ramirez_6
Advisor

‎11-06-2002 09:24 AM

‎11-06-2002 09:24 AM

login error ftp

I have a problem when i execute ftp with some users, for example root. For other, for example cdf the ftp is good.

the file inetd.sec is empty.

the error is:
frsd1:/etc# ftp 195.180.2.22
Connected to 195.180.2.22.
220 frsd1 FTP server (Version 1.1.214.8 Fri Apr 20 07:27:42 GMT 2001) ready.
Name (195.180.2.22:root): root
530 User root access denied...
Login failed.
Remote system type is UNIX.
Using binary mode to transfer files.

Thank you for help me
JRM.
jose ramirez
0 Kudos
Reply
5 REPLIES 5
Steven E. Protter
Exalted Contributor

‎11-06-2002 09:29 AM

‎11-06-2002 09:29 AM

Re: login error ftp

My advice.
stop using root for ftp.
Block root ftp access in the /etc/ftpaccess file.

Install Secure shell.

Use for root file transfers.

It is secure.

It encrypts passwords.

It is worth the longer time it takes to connect.

My guess is the remote system in your example has /etc/ftpaccess with root in it.

In the Post 9-11 era nobody should assume their network is safe, especially if it has any Microsoft software on any node. Therefore standard CERT and industry practice is to disable root ftp access. telnet should probably be replaced and disabled as well, but I haven't gotten around to that.

If you ever have a security audit as I have(since my employer is a frequent recipient of terrorist threats), you will get an embarassing, avoidable writeup on this issue.

Lastly, consider installing Bastille. It does a point an click question and answer security audit of your entire machine and can close down many security holes automagically. It also lets you shut down antiquated daemons that are risky and hardly anyone uses, freeing up system resources.

This message is probably not helpful, but if you listen to me, you will be happy and your bosses will appreciate it if there is ever a security breach.

Steve

Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
0 Kudos
Reply
Vincent Fleming
Honored Contributor

‎11-06-2002 09:34 AM

‎11-06-2002 09:34 AM

Re: login error ftp

Root ftp access is normally turned off because ftp sends clear-text passwords accross the net, and could allow someone to gain your root password.

You should either use another user, or find an SSL version (ie: secure) of ftp (they are out there... look at the gnu stuff).

Good Luck!
No matter where you go, there you are.
0 Kudos
Reply
Govind
Frequent Advisor

‎11-06-2002 11:23 AM

‎11-06-2002 11:23 AM

Re: login error ftp

Check the file /etc/ftpd/ftpusers That must be having root in it. Try "man ftpusers" that will give you more info.
As others pointed This is not recommended for ftp access to be granted for root. You have to do it at ur own discretion. But I would strongly discourage it.
Dont try to fix something till it Aint Broke...Honesty is not always the best policy.....
0 Kudos
Reply
Kim Kendall
Regular Advisor

‎11-07-2002 11:54 AM

‎11-07-2002 11:54 AM

Re: login error ftp

Also make sure you have a /etc/shells file with the appropriats shells listed
0 Kudos
Reply
eran maor
Honored Contributor

‎11-07-2002 12:30 PM

‎11-07-2002 12:30 PM

Re: login error ftp

hi jose

i have handle a case today with the same error .

vi to /etc/shells
and add all your shell
( get all the shell that your users are working from the /etc/passwd ) .

check also what shell is your user root is working with
love computers
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.