Re: user cannot ftp to a server, but can log into the server

James Ellis_1 · ‎01-05-2004

This seem strange, but user1 can login to a HP N9000 class server (11.0), but cannot ftp to the server. But this is the only ID that has this problem, all the other IDs can both login and ftp to the server. Yes, user1 can telnet to the server.

What should I be looking for? I've looked at the normal culprit and all seem to be set up correct.

Any tips?

Thanks.

"In the middle of difficulty lies opportunity" -Einstein

G. Vrijhoeven · ‎01-05-2004

Hi,

Check /etc/shells. It could be that the shell the user is using is not listed in this file.
Other option in /etc/ftpusers. If the file exists only users in this file are allowed to use ftp.

HTH.

Gideon

Uday_S_Ankolekar · ‎01-05-2004

It looks like FTP problems all over today :)
One more thread has similar problem with ftp.

Check /etc/ftpusers and /etc/ftpaccess and /etc/shells files.

if user account present in ftpusers file then it rejects ftp.
man 4 ftpaccess for more..

-USA

Good Luck..

G. Vrijhoeven · ‎01-05-2004

Hi,

Sorry the user must NOT be in /etc/ftpd/ftpusers..

Gideon

Steven E. Protter · ‎01-05-2004

/var/adm/inetd.sec

MIGHT(unlikely) be configured to allow telnet but not ftp to the network segment your user is on.

Of so, make a change and then.

inetd -c

To reload the internet daemon.

Its a longshot, but you might as well have all the tools you need for the job.

attaching an example file.

SEP

Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com

James Ellis_1 · ‎01-05-2004

Hi, thanks for the response.

We have ftpusers, but nothing is in the file.

We have no ftpaccess file.

/etc/shells seem to be set up right, the same as the other server.

I will check with inetd and see if anything has been changed. I doubt it but let me check anyway.

Thanks.

"In the middle of difficulty lies opportunity" -Einstein

Bill Hassell · ‎01-05-2004

Actually, /etc/shells might be just fine, except that this problem user decided to make bash (or tcsh or some other strange shell) their personal shell. This is easy to overlook as users can change their login shells at any time (man chsh).

Bill Hassell, sysadmin

KapilRaj · ‎01-05-2004

Can you do the following and then check whether the problem is stil there. I doubt it is /etc/shells. !

**********
As that user :-
cp /etc/shells >>/tmp/shells1
echo $SHELL >>/tmp/shells1
cat /tmp/shells1 |sort -u >/tmp/shells

As root:-
cp /etc/shells /etc/shells.date +%d%m%y
cp /tmp/shells /etc/shells

Try an FTP as that user
**********

What is the error message u r getting by the way ?.

Kaps

Nothing is impossible

Elmar P. Kolkman · ‎01-05-2004

Also make sure the shell part of the user's line in /etc/passwd is an EXACT match for a shell in /etc/shells. You could append two lines from /etc/passwd to this thread, one containing the problem user, one with a working one.

Also, check out /var/adm/syslog.log for messages from ftpd that might give us some more insight. Perhaps even start ftpd with the -l option for some more logging.

Every problem has at least one solution. Only some solutions are harder to find.

James Ellis_1 · ‎01-06-2004

I just noticed something strange. The user ID's home directory is showing these as 0 sixe: .cshrc, .exrc, .login.

I will look at the shells more closely, but I believe the shells are set up correctly because I can ftp to the server with my normal user ID.

thanks

"In the middle of difficulty lies opportunity" -Einstein

James Ellis_1 · ‎01-08-2004

I am posting what the syslog shows after trying to ftp to the server.

_______________________

Jan 8 13:53:06 hserv10 inetd[4173]: telnet/tcp: Connection from G1966 (143.134.57.25) at Thu Jan 8 13:53:06 2004
Jan 8 13:50:37 hserv10 ftpd[4137]: User itapload: Login incorrect
Jan 8 13:53:46 hserv10 inetd[4212]: ftp/tcp: Connection from G1966 (143.134.57.25) at Thu Jan 8 13:53:46 2004
Jan 8 13:53:56 hserv10 ftpd[4212]: open_module: stat(/usr/lib/security/libpam_ntlm.1) failed: No such file or directory
Jan 8 13:53:56 hserv10 ftpd[4212]: load_modules: can not open module /usr/lib/security/libpam_ntlm.1
Jan 8 13:53:56 hserv10 ftpd[4212]: load_modules: pam_sm_acct_mgmt() missing
Jan 8 13:53:56 hserv10 ftpd[4212]: PAM_ERROR_MSG: Account is disabled - see Account Administrator.
Jan 8 13:53:56 hserv10 ftpd[4212]: pam_acct_mgmt:Account is disabled - see Account Administrator. 134217759
Jan 8 13:53:56 hserv10 ftpd[4212]: User itapload: Login incorrect
Jan 8 13:53:58 hserv10 ftpd[4212]: FTP session closed
___________________________

The log shows pam_acct_mgmt:Account is disabled. How can an account be disabled when I can log into the account? I can log into the account but not FTP to the server. Is there another security account for FTP access to the server?

Thanks.

"In the middle of difficulty lies opportunity" -Einstein

Categories

Company

Local Language

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Discussions

Forums

Forums

Discussions

Forums

Discussions

Forums

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Community

Resources

Other HPE Sites

Discussions

Forums

Blogs

Re: user cannot ftp to a server, but can log into the server

user cannot ftp to a server, but can log into the server