HPE Community
Operating System - HP-UX
1833737 Members
2544 Online
110063 Solutions
New Discussion

Re: Why is ftp session denied for certain users?

 
Roderick Derks
Frequent Advisor

‎01-16-2005 11:57 PM

‎01-16-2005 11:57 PM

Why is ftp session denied for certain users?

User A is member of group 1.
New user B is member of group 1.

User A can set up an ftp session.
User B can not.

What is going on?
0 Kudos
11 REPLIES 11
Bill Hassell
Honored Contributor

‎01-17-2005 12:04 AM

‎01-17-2005 12:04 AM

Re: Why is ftp session denied for certain users?

A little more information is needed. Are these users on PCs and running standard ftp from a DOS window to connect to your HP-UX system? What is the error message from the ftp server? Have you looked at the man page for ftpaccess?


Bill Hassell, sysadmin
0 Kudos
Roderick Derks
Frequent Advisor

‎01-17-2005 12:07 AM

‎01-17-2005 12:07 AM

Re: Why is ftp session denied for certain users?

Acces direct from the (Windows) command line. User A has got the same home directory as User B.

Error "530 User ftptd access denied..."

I'll look into the ftpacces manpage.
0 Kudos
Florian Heigl (new acc)
Honored Contributor

‎01-17-2005 12:11 AM

‎01-17-2005 12:11 AM

Re: Why is ftp session denied for certain users?

Roderick,

there might be some reasons -
sometimes the user needs a shell ftp considers 'valid', sometimes the permissions/ownership of the homedirectory, sometimes his is by mistake listed in the ftpusers file.

You could ensure that ftpd runs with the parameter -l ; this should get You some more explicit messages about the cause of a denied login into the syslog.
yesterday I stood at the edge. Today I'm one step ahead.
0 Kudos
Roderick Derks
Frequent Advisor

‎01-17-2005 12:28 AM

‎01-17-2005 12:28 AM

Re: Why is ftp session denied for certain users?

Not listed in /etc/ftpd/ftpusers.

There is no /etc/ftpd/ftpacces file.
0 Kudos
Roderick Derks
Frequent Advisor

‎01-17-2005 12:36 AM

‎01-17-2005 12:36 AM

Re: Why is ftp session denied for certain users?

USER UNABLE TO FTP:
ftptd:*:110:101:ftp to oracle:/usr/cible/tmp/ftp:/usr/bin/sh

ANONYMOUS USER CAN NOT FTP:
ftp:*:502:102: for lis application :/usr/cible/tmp/ftp:/bin/sh

USER THAT IS ABLE TO FTP:
lisfse:*:501:101: lis application :/usr/cible1/files:/bin/sh

(last user has a different HOME directory)

System is a trusted system.
0 Kudos
Roderick Derks
Frequent Advisor

‎01-17-2005 12:41 AM

‎01-17-2005 12:41 AM

Re: Why is ftp session denied for certain users?

syslog:

Jan 14 16:34:18 ezhlims1 ftpd[29812]: FTP session closed
Jan 14 16:34:19 ezhlims1 ftpd[29819]: Unable to provide ANONYMOUS ftp. The home directory '/usr/cible/tmp/ftp' is writable and should not be

This is it.

Can I still use this certain directory for ftp while anonymous logging is disabled?

Can I enable anounymous ftp on a secure system?
0 Kudos
bhavin asokan
Honored Contributor

‎01-17-2005 01:40 AM

‎01-17-2005 01:40 AM

Re: Why is ftp session denied for certain users?

hi,

what is the ownership and permission of following directories.

/usr/cible/tmp/ftp

/usr/cible1/files

does the system have /etc/shells file
and both /usr/bin/sh and /bin/sh are included on that file.

regds,



0 Kudos
bhavin asokan
Honored Contributor

‎01-17-2005 01:52 AM

‎01-17-2005 01:52 AM

Re: Why is ftp session denied for certain users?

hi,

from your post i assume the problem can be this

1.you may have a /etc/shells file and /bin/sh entry is only there.this may be disallowing the ftptd to login.

make an entry /usr/bin/sh in /etc/shells

2.folder /usr/cible/tmp/ftp may be having the permission/ownership for user ftptd only,not having write/execute permission for others.this may be disallowing ftp to login.
(see user ftp is not in the same group on ftptd)
give enough permission to others also
regds,





0 Kudos
Roderick Derks
Frequent Advisor

‎01-17-2005 03:25 AM

‎01-17-2005 03:25 AM

Re: Why is ftp session denied for certain users?

Thanks bhavin asokan,

All the settings are correct. The thing is that disabling ftp anonymous makes the /usr/cible/tmp/ftp directory unavailable for FTP sessions. I spoke to the vendor of the software that is running on the system. We are going to try to use another directory.

I want to create a user that can use ftp. I created one with the homedir /usr/cible/tmp/ftptd but I can not log in via ftp.

Right on the directory are good. What could be the issue here?
0 Kudos
Roderick Derks
Frequent Advisor

‎01-17-2005 03:41 AM

‎01-17-2005 03:41 AM

Re: Why is ftp session denied for certain users?

Creating a /etc/shells file with all shells defined worked out..Now the user ftptd is able to ftp to the server.
0 Kudos
Roderick Derks
Frequent Advisor

‎01-17-2005 03:42 AM

‎01-17-2005 03:42 AM

Re: Why is ftp session denied for certain users?

Thanks to all so your help!!
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.