SCO FTP access fails

I've recently installed SCO OpenServer 5.0.5 and I can't ftp into the machine.

It can't even FTP to itself.

The output of ftp -dv 127.0.0.1 is:

# ftp -dv 127.0.0.1
Connected to 127.0.0.1.
220-
220 localhost FTP server (Version 2.1WU(1)) ready.
---> AUTH KERBEROS_V5
334 Using authentication type KERBEROS_V5: ADAT must follow
'KERBEROS_V5' accepted as authentication type
Kerberos V5: error while constructing principal name: Unknown code DCE:krb 169 (336761001)
Name (127.0.0.1:root): root                                                    
---> USER root
530 User root access denied.
Login failed.
---> SYST
215 UNIX Type: L8 (SCO UNIX Release 3.2v5.0.5 [on Pentium], KID 98/07/02).
Remote system type is UNIX.
---> TYPE I
200 Type set to I.
Using binary mode to transfer files.
ftp>


This happens for any user, not just root.
It did previously work, but then just stopped...

powellyAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

powellyAuthor Commented:
Edited text of question.
0
chintuCommented:
FTP problem.

Looks like some configuration for ftp server has changed.  I am not familiar with the SCO specifics,
but if possible you can post the man page
for
ftpd
or in.ftpd here and I can figure out the reason.

I've been through that on a Solaris/Linux
0
CalvinThomasCommented:
The answer is in your post. It is the Kerberos authentication protocol.  It isn't normally part of SCO's FTP login.  How did it get there?  You need to remove it.
0
Cloud Class® Course: Certified Penetration Testing

This CPTE Certified Penetration Testing Engineer course covers everything you need to know about becoming a Certified Penetration Testing Engineer. Career Path: Professional roles include Ethical Hackers, Security Consultants, System Administrators, and Chief Security Officers.

powellyAuthor Commented:
Calvin:
I thought it might be the Kerberos authentication. I havn't knowingly installed it and I can't find how to remove it. This is a clean install of SCO with the default install options.

chintu:
The SCO FTP man page is too large to post here IMHO. If you really want I'll e-mail it to you.
0
tfewsterCommented:
You could try disabling the Kerberos daemon, if you don't use Kerberos; On Solaris, you would edit /etc/inetd.conf (which controls all Internet daemons) and comment out the "kerbd" line, then restart the inetd daemon. On SCO, the Kerberos daemon may be started explicitly - Have a look in the startup files and the man pages
0
dgrimesCommented:
Check /etc/inetd.com. Your ftp daemon entry most likely is specifying -k which tells it to use kerberos. Just remove it.

0
dgrimesCommented:
OH Yeah ... Don't forget to restart inetd after the change!
0
dgrimesCommented:
I might get right this TIME! the file to check is /etc/inetd.conf not .com (sorry) :)

0
powellyAuthor Commented:
I've checked the inetd.conf file. Kerberos isn't mentioned in the file at all. So I presume that inetd.conf doesn't start it. I'll check some other files a little later...

I've also checked the ftp entry in inetd.conf and the -k option isn't specified. No extra options are specified infact.
0
dgrimesCommented:
Hey... take a look at this:

www.sco.com/ta

ta # 105445


It's very simular to the problem you are having, although not exactly. Have you tried ftp client from another system other than SCO 5.0.5? It appears that it is the 5.0.5 ftp client that has the problem.
0
ahoffmannCommented:
check and setup /etc/ftpaccess
also take care for /etc/hosts.{allow,deny}
0
CalvinThomasCommented:
Actually, according to the SCO website,
www.sco.com/ta

 TA #110252, the Kerberos authentication protocol is now loaded automatically.  (Didn't know that)  This page gives a method to work around this problem that should work for you.  Try it out.

Thanks dgrimes.

 
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Unix OS

From novice to tech pro — start learning today.