  1. #1
    Just Joined!
    Join Date
    May 2006
    Location
    Western Europe
    Posts
    5

    Ftp & Telnet only in one direction


    Hi,

    I have the following problem: I have a local network with 2 Linux boxes.
    I can ftp & telnet from box A to box B, but I cannot ftp from box B to box A
    ("530 authentication failed") and I cannot telnet from box B to A ("connection closed by foreign host").

    I created the same user accounts on both machines with the same passwords, so I'm sure username & password are correct.

    I installed pure-ftpd on both boxes and both conf files are identical.
    So there must be some permission problem or some misconfiguration, but what?

    What obvious mistake did I make?

  2. #2
    Just Joined! tom-tjtech's Avatar
    Join Date
    Apr 2006
    Location
    Scotland
    Posts
    51

    Ftp & Telnet only in one direction

    Well, it looks at least that you know how to set up an ftp server OK!

    The service that ftpd (the server, as opposed to client ftp) uses is 'vsftpd'
    which can only be run through 'xinetd'; so when I say restart the ftp-server
    I mean do...
    [root]$ service vsftpd restart

    but before we get carried away, first some basic checks...
    checking the basic firewall - let's assume that if you can see box A from
    box B and vice versa then the ftp protocol ports are being let thru!

    from box A do..
    [root]$ arp -a
    boxb (192.168.2.102) at mac-address-here [ether] on eth0
    (--etc--)

    where boxb is the DNS name for server ip 192.168.2.102 (your number may be different this is just for example).

    [root]$ ping 192.168.2.102

    if successful ping then boxB firewall is not blocking boxA.

    try this the other way around
    e.g. from boxB do...
    [root]$ arp -a
    boxa (192.168.2.101) at mac-address-here [ether] on eth0
    (--etc--)

    Any probs so far you have firewall misconfiguration that needs to be sorted out, e.g. iptables.

    Let's assume the firewall's fine ... proceed...

    check that ftpd is available on machines and is up and running, however
    you state that you can 'ftp' from boxA to boxB OK, therefore let's restrict ourselves to boxA (where we suspect ftpd problems)...

    At boxA terminal do...
    [root]$ netstat -a | grep ftp
    [root]$

    i.e. assume that nothing returned by this command means that ftpd is not running, let's start the service on boxA so...
    First check to see if the server is installed in the first place (you may have ftp in client mode - but this does not mean the ftpd is there!)...

    [root]$ rpm -qa | grep vsftp
    [root]$

    let's assume now too that the server is NOT installed yet, so do...
    [root]$ urpmi vsftpd (or yum install vsftpd - depends on distro used)
    now get...
    vsftpd-2.0.1-1mdk

    so it is now installed OK!

    [root]$ chkconfig --list vsftpd
    vsftpd on

    (this indicates that it will start OK on reboot)
    Start the service manually now...

    [root]$ service vsftpd start
    vsftpd is a xinetd service
    Reloading configuration:
    [root]$ netstat -a | grep ftp
    tcp 0 0 *:ftp *:* LISTEN

    Now there are two possibilities -- either your ftp is working OK both ways or you are still stuck at boxA...
    At boxA try localhost - you should try the ip of 'boxa' you know from
    the previous arp -a command, or use netstat at the local prompt.

    [root]$ ftp localhost
    Connected to 192.168.2.101.
    500 OOPS: vsftpd: cannot locate user specified in 'ftp_username':ftp

    use 'quit' to escape from ftp prompt.
    (You still will not be able to ftp into boxA yet).

    What has happened is that when you installed the server you did not UNLOCK the passwd file and the ftp user was not added! Checking the /etc/passwd
    file will verify there is no entry for 'ftp'.

    [root]$ gedit /etc/passwd

    add this line to end of list...
    Code:
    ftp:x:100:100:FTP User:/var/ftp:/sbin/nologin
    Observe the case and spaces- make sure you press return-key at EOL.
    The number 100 for UID is purely arbitrary, any number NOT in the list already will do.

    Unfortunately you have to also edit the shadow file...
    [root]$ gedit /etc/shadow

    add this line to end...
    Code:
    ftp:*:13259:0:99999:7:::
    the number shown equals the number already in the list and may be different to that shown here.

    Remember to save both edited files to themselves.

    Now restart the vsftpd service and check to see if ftp works both ways using
    an existing machine account!

    I think your telnet problem also may be due to locked /etc/passwd file but I'm not sure on that- someone else will have to help you on that.

    Good luck, let me know if you have any further problems.

  3. #3
    Super Moderator Roxoff's Avatar
    Join Date
    Aug 2005
    Location
    Nottingham, England
    Posts
    3,916
    Welcome to the forum, tunguska. Before you go diving into firewall configs and following tom-tjtech's detailed help, you might just want to check these couple of things on each machine, it should only take a min:

    Check that xinetd is running:

    Code:
    /etc/rc.d/init.d/xinetd status
    check that the config is set correctly in /etc/xinetd.d, there should be a file that relates to pure-ftpd, inside it will look something like this:

    Code:
    service pure-ftpd
    {
         disable      = yes
        ... other lines ...
    }
    If it says 'disable = yes', change to 'disable=no' and restart xinetd with:

    Code:
    /etc/rc.d/init.d/xinetd restart
    and then try again. If this is all OK, and you still can't connect then follow tom-tjtech's advice, above.
    Linux user #126863 - see http://linuxcounter.net/

  5. #4
    Just Joined!
    Join Date
    May 2006
    Location
    Western Europe
    Posts
    5
    Hi,

    thanks a lot, you both gave me some productive ideas - I finally got things (ftp & telnet) working OK.
    Problem was I had 2 ftp-servers running on boxA : pure-ftpd & vsftpd!
    (from previous late-night experiments...)
    When I disabled pure-ftpd in /etc/xinetd.d/pure-ftpd & also changed "user = root" in /etc/xinetd.d/vsftpd, things were OK again.

    With everything working again, I played around a bit:
    * With only vsftpd running on boxA, when I ftp'd from boxB I received
    the welcome-message from vsftpd on boxA : good
    * I then activated pure-ftpd on boxA (& of course also a xinetd restart)
    when I ftp'd again from boxB , the connection with boxA was made
    but I did receive the welcome message from pure-ftpd! Subsequently
    ftp asked for my name: it did not accept anonymous and neither
    did it accept my regular account&passwd. So I managed to reconstruct the faulty behaviour!

    Upon correcting my ftp-problem, telnet works fine too now!
    I suppose telnet uses ftp...

    Thanks again tom-tjtech & Roxoff!

  6. #5
    Super Moderator Roxoff's Avatar
    Join Date
    Aug 2005
    Location
    Nottingham, England
    Posts
    3,916
    Quote Originally Posted by tunguska
    Upon correcting my ftp-problem, telnet works fine too now!
    I suppose telnet uses ftp...
    telnet uses xinetd (or inetd, if your system is that old) not ftp. It may have been enough to restart xinetd for this to be going again.

    Quote Originally Posted by tunguska
    Thanks again tom-tjtech & Roxoff!
    You're very welcome.
    Linux user #126863 - see http://linuxcounter.net/
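
Added example, not part of any post in this thread: the fault tunguska tracked down in post #4 (pure-ftpd and vsftpd both enabled under xinetd on boxA) can be checked for directly. The sketch assumes the conflicting files in /etc/xinetd.d declare the same service name (for example `service ftp`); the function name `xinetd_conflicts` is made up for illustration.

```sh
#!/bin/sh
# Added example: list xinetd service names that are enabled in more than
# one file of an xinetd include directory (default /etc/xinetd.d).
# Output format, one line per conflict:  NAME: FILE1 FILE2 ...
xinetd_conflicts() {
    dir="${1:-/etc/xinetd.d}"
    set --
    for f in "$dir"/*; do
        [ -f "$f" ] || continue
        # xinetd skips include files whose name has a dot or ends in "~"
        # (package backups such as *.rpmsave), so skip them here too.
        case "${f##*/}" in *.*|*~) continue ;; esac
        set -- "$@" "$f"
    done
    [ "$#" -gt 0 ] || return 0
    awk '
        /^[ \t]*#/ { next }                 # comment line
        { gsub(/=/, " = ") }                # so "disable=yes" splits like "disable = yes"
        # "service NAME" opens an entry
        $1 == "service" { name = $2; disabled = 0; next }
        # only an explicit "disable = yes" turns an entry off;
        # an entry with no disable line is enabled
        name != "" && $1 == "disable" {
            if (tolower($NF) == "yes") disabled = 1
            next
        }
        # closing brace ends the entry: record it if still enabled
        name != "" && $1 == "}" {
            if (!disabled) { count[name]++; where[name] = where[name] " " FILENAME }
            name = ""
        }
        END {
            for (n in count)
                if (count[n] > 1) print n ":" where[n]
        }
    ' "$@" | sort
}

# Run against the directory given as first argument, or /etc/xinetd.d.
xinetd_conflicts "${1:-/etc/xinetd.d}"
```

No output means no service name is enabled twice; a line such as `ftp: /etc/xinetd.d/pure-ftpd /etc/xinetd.d/vsftpd` names the files to reconcile before restarting xinetd.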
