Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I am unable to telnet or ftp into my linux box from my windows laptop, however can "pull" files from XP to Linux. I checked the firewall, it allows both telnet and ftp and I also disabled firewall entirely to be sure that's not the problem.
Typing commands
>which telnet
shows
/usr/kerberos/bin/telnet
and
>which ftp
shows
/usr/kerberos/bin/ftp
so I believe the programs are installed.
I tried >ftp linuxboxname
and get
ftp: connect: connection refused
telnet from the linux box to self gives
trying 192.168.2.4...
telnet: unable to connect to remote host: connection refused
It seems clear the linux box is NOT allowing incoming connections either to telnet or ftp, but what to do about it?
I also used a command which shows the ports which both services are using and they're both using the standard ports (21 & 23) but I can't remember which command it was anymore.
Any suggestions how to troubleshoot this problem? Connectivity to the internet is fine, but without these two services it won't be much use on my home network. Thanks.
/etc/xinetd.d
holds the things you want ... but really
you shouldn't use either since they send
passwords plain-text.
use ssh and scp/sftp respectively.
Thanks for the tip, it got me closer. I edited the file krb5-telnet to change disable = yes to no. Now I can telnet into my linux box, just have to put up with an error message saying "cannot resolve network address for KDC in requested realm while getting credentials" and then it works. The krb5-telnet files mentions "kerberized telnet server accepts normal telnet sessions", so that's good enough. I also ensured kerberos is not enabled.
Now. about the ftp ... (I know both telnet and ftp are security risks but it's my little home network behind a firewall ... should I ever decide to run a web server I'd have to change).
From linux to Windows I can connect ftp, pull files to linux, but not push a file to windows. Error is:
227 entering passive mode (192,168,2,2,19,140)
mput: 550 bogus.txt: access is denied
ftp from Windows to linux
user oracle: 530 must perform authentication before identifying user.
Login failed.
root also fails.
I could find no files in xinetd.d pertaining to ftp ... can anyone point me in another direction?
On the one DeadRat machine that we have here
there's a
/etc/xinetd.d/gssftp
Code:
# default: off
# description: The kerberized FTP server accepts FTP connections \
# that can be authenticated with Kerberos 5.
service ftp
{
flags = REUSE
socket_type = stream
wait = no
user = root
server = /usr/kerberos/sbin/ftpd
server_args = -l -a
log_on_failure += USERID
disable = yes
}
I'm getting the impression that the problem is simply that he has ftp clients installed on the box, but no ftp servers. The 4 things found by rpm -qa |grep -i rpm are all clients. You may want to try installing vsftpd (very secure ftp deamon), or alot of people like proftp. Then you'd have a server. If you issue the command "[stuff]$ ftp localhost" and you don't get asked for a username or logon, you don't have a ftp server installed.
Sorry for the delay, I was out all week and just today got home again.
Thanks also for all the help, next on my to-do list is giving affro's to everyone.
You were right, I didn't have FTP server installed. I installed more packages, and command
# rpm -qa | grep -i ftp
now shows:
gftp-2.0.14-2
tftp-server-0.32-4
tftp-0.32-4
lftp-2.6.3-3
vsftpd-1.2.0-4
ftp-0.17-17
I checked hosts.allow, the file is empty but from what I've read that appears to mean all requests are allowed, so I'm best off not messing with it. Correct?
I also ran /sbin/service xinetd restart and rebooted. Still can't pull files from other machines onto my linux box.
Exact sequence, user oracle on linux box connecting to XP laptop "bob" with username "root" on xp:
#ftp bob
connected to bob
220-Microsoft FTP service
500 'AUTH GSSAPI': command not understood
500 'AUTH KERBEROS_V4'" command not understood
KERBEROS_V4 rejected as an authentication type
Name (bobracle): root
331 password required for root.
Password:
230-welcome to bob.
230 User root logged in.
Remote system type is Windows_NT.
ftp>mput bogus.txt
mput bogus.txt? y
227 entering passive mode (192,168,2,2,19,137)
550 bogus.txt: Access is denied.
ftp>
I created the "root" user on XP laptop and confirmed it does have permissions on the directory I'm trying to put files from linux.
Also when trying to ftp locally:
#ftp 127.0.0.1
connected to 127.0.0.1
220 redbox FTP server (Version 5.60) ready.
334 using authentication type GSSAPI; ADAT must follow
GSSAPI accepted as authentication type
GSSAPI error major: miscellaneous failure
GSSAPI error minor: nocredentials cache found
GSSAPI error: initializing context
GSSAPI authentication failed
334 suing authentication type KERBEROS_V4; ADAT must follow
KERBEROS_V4 accepted as an authentication type
Kerberos V4 krb_mk_req failed: You have no tickets cached
Name (127.0.0.1racle): oracle
530 must perform authentication before identifying USER.
Login failed.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp>
Could these GSSAPI and KERBEROS errors be significant?
Ok, I'm glad you installed an ftp server, but you now installe 2 ftp servers, and that is not a very good idea. You have both vsftpd (I like that one personally, but tftp-server is also ok) both at once will probably lead to problems. I would uninstall, or at least turn one off.
Now, when you do this sequence of events:
Quote:
Exact sequence, user oracle on linux box connecting to XP laptop "bob" with username "root" on xp:
#ftp bob
connected to bob
220-Microsoft FTP service
500 'AUTH GSSAPI': command not understood
500 'AUTH KERBEROS_V4'" command not understood
KERBEROS_V4 rejected as an authentication type
Name (bobracle): root
331 password required for root.
Password:
230-welcome to bob.
You are NOT using the linux ftp server to connect to the window$ box, you are using the linux client to connect to the microsoft ftp server. I do not think that windows comes with an ftp server turned on by default, but I would never in 1000 years install xp, due to security and memory hogginess of it. The reason that you may be getting denied by the xp box could be because it doesn't have a full or functional ftp server built into it. What the ftp server allows you to do is to log in, and get or send files. You should open a command prompt on windows, or use a GUI ftp interface, and connect to the linux box.
It isn't possible to "put" files from a server to a client through ftp, you can put or mput files from a client to a server, or get or mget client to a server, but not the other way around. If servers could "force" clients into accepting files, then every internet site would "force" open browsers and applications on your machine.
Quote:
I created the "root" user on XP laptop and confirmed it does have permissions on the directory I'm trying to put files from linux.
You definately have things backwards. The permissions on the linux side are fully unimportant, when connecting to the microsoft FTP. The client is what connects to the server, the server accepts and authenticates clients. The server holds the files in question (in general), and the client is used to add new files to the server, or copy files off of the server.
Quote:
#ftp 127.0.0.1
connected to 127.0.0.1
220 redbox FTP server (Version 5.60) ready.
334 using authentication type GSSAPI; ADAT must follow
GSSAPI accepted as authentication type
GSSAPI error major: miscellaneous failure
GSSAPI error minor: nocredentials cache found
GSSAPI error: initializing context
GSSAPI authentication failed
334 suing authentication type KERBEROS_V4; ADAT must follow
KERBEROS_V4 accepted as an authentication type
Kerberos V4 krb_mk_req failed: You have no tickets cached
Name (127.0.0.1racle): oracle
530 must perform authentication before identifying USER.
Login failed.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp>
That may be caused by the multiple servers running, or some problem within kerberos. If you are trying to ftp into linux as user "root", most (I hope all) ftp servers are set to NEVER allow user root to use their service, as that is about the most unsecure thing you could ever do. The accounts that can use the service and any regular user, but not root. If you sign in regularly as user root, do yourself a favor, and stop doing it yesterday. I used to play as root all the time (bad habit from my window$ days), and at one point trying to remove all files recursively from /home/me/ and below, I put an extra space in the command, and managed to give the order "rm -rf / home/jim/". The space between / and home caused me to delete the first few directories in my root folder, and the very first in my alphabetical structure was /boot. I screwed myself in about 2 seconds, and had to reformat and rebuild. It was a stupid mistake on my part, but save yourself the embarassment and pain, and don't be a full time root.
Okay, back again after a long week away. Thanks Jim for your explanation, I am now clear on the roles of server and client. Armed with your info I checked my XP laptop and determined the XP server was not set up to allow "write" into the default FTP directory. Easily fixed.
I also removed the duplicate ftp server on my unix box, and using info I found in another linuxquestions post checked my ftp server configuration file, /etc/xinetd.d/gssftp
I removed the are "-a" from server_args = -l -a, restarted xinetd, and can now connect to the linux box from laptop. Hooray!
Thanks to everyone who offered advice, everything helped.
Do I need to install a ftp daemon? Not sure if it is installed and if it is not, I have no idea how to install it!
Under Extended Internet Service -> FTP, the service program appears as : /usr/kerberos/sbin/ftpd -l
Contents of gssftp
# default: off
# description: The kerberized FTP server accepts FTP connections \
# that can be authenticated with Kerberos 5.
service ftp
{
flags = REUSE
log_on_failure += USERID
socket_type = stream
user = root
server = /usr/kerberos/sbin/ftpd
server_args = -1
wait = no
}
I restarted xinetd service when I made changes.
After removing the -a as mentioned in the posts above, ftp connection produces this error:
connecting to 202.71.98.48 ...
Connected to 202.71.98.48 port 21
ftpd: invalid option -- 1
ftpd: Unknown flag -1 ignored.
220 www.mydomain.com FTP server (Version 5.60) ready.
! Receive error: Blocking call cancelled
I have read the above with interest but haven't found a solution to the following Ftp issue.
I'm using Mandriva 2005 Limited Edition and have enabled my LAN (which also has Redhat 8 and WinXP boxes attached).
All computers can happily access the web and the Redhat and WinXP boxes can Ftp to each other. Even the Mandriva box can Ftp outbound - but nothing inbound can get to Mandriva (not even itself).
I've already changed the line disable=yes to disable=no in the file proftpd-xinetd, and I'm signed-in as a normal user (not root).Basically I've done the same steps as I did for my Redhat installation which gave no problems.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.