We help IT Professionals succeed at work.

problem is using ftp services in redhat 8

lomaree
lomaree asked
on
Hi

i have installed and started the services of ftp , but everytime i try to connect to the server through FTP is gives me this error . please help

Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.

c:/>ftp <ip address>
Connected to <ip address>
220 csserver FTP server (Version 5.60) ready.
User (<ip address>:(none)): zkhan
530 Must perform authentication before identifying USER.
Login failed.
ftp>
Comment
Watch Question

Commented:
this usually indicates that there was no encryption available, so windows is bombing out.  Try using a real ftp client like WSFTP or something from www.download.com  -- if that works, look around windows ftp setting for a way to disable "encryption or die" -- windows VPN's do this by default, they will dosconnect without encryption.
Top Expert 2005

Commented:
Something is strange here. There are two FTP servers furnished with RedHat (vsftp & wu-ftp) and neither of
them will produce the 220 greeting message that you have above. The default greeting from vsftp is:

220 ready, dude (vsFTPd 1.1.0: beat me, break me)

and the default greeting from wu-ftp is:

220 host.dom.tld FTP server (Version wu-2.6.2-8) ready

So it seems to me that you aren't connecting to the FTP server that you think you are. It would seem that
you've either gotten the IP of the Linux box wrong or that something is intercepting FTP connections and
directing them to a specific server.

Can you tell me more about the network(s) where the windows client and Linux box are?

Author

Commented:
i have already used ftp clients like WSFTP , CuteFTP , FlashFTP ..... still the same problem
Top Expert 2005

Commented:
I don't believe this is an FTP client issue. See the comments above about what the Linux FTP server (if you
actually connect to it) would greet with.

Author

Commented:
both windows and linux box are on the same network ..  sorry but i can't disclose the ip addresses..

but i can assure you that both of the machine are on the same subnet and same network

Commented:
if you login to the linux box you you ftp to 127.0.0.1? and/or the IP?

Author

Commented:
no i can't. same problem .. except that KERBEROS_V4 krb_mk_req sends this message .. you have no ticket cached

but i can ftp to other client
Top Expert 2005

Commented:
By "same network" do you mean that both systems have the same network number and netmask? For example,
IP's of 192.168.1.31/255.255.255.0 & 192.168.1.73/255.255.255.0 are systems on the network 192.168.1.0/24, but
IP's of 192.168.1.31/255.255.255.0 & 192.168.10.73/255.255.255.0 are systems on two differnet networks
(192.168.1.0/24 & 192.168.10.0/24) even though both could be on the same LAN. There's have to be a router in
between the two networks and it could be configured to re-direct all FTP connections to a specific server, regardless
of the specified IP. Something like that might explain the wierdness in the FTP greeting.

Do you get as far as the greeting when attempting an 'ftp localhost' on the Linux system? And if so what does the
greeting say?

What does /etc/sysconfig/authconfig contain on the Linux box?

Author

Commented:
authconfig .. does'nt contain anything that is in the user information configuration .. the authentication configuration has "use shadow password", "use MD5 passwords" enabled..


yes both the machines are on the same network

Commented:
perhaps you have kerberos enabled, you will see that in :

 /etc/sysconfig/authconfig

Author

Commented:
nope it's not enabled ...
Top Expert 2005

Commented:
To unravel this I need you to log in to the Linux system and show me the output of:

1) 'ftp 127.0.0.1'

2) As root, 'grep -i kerber /etc/pam.d/*

3) 'rpm -qa | grep ftp'

4) 'chkconfig --list'

Author

Commented:
outputs

1)
connected to 127.0.0.1
220 server ftp server (version 5.60) ready
334 Using authentication type GSSAPI; ADAT must follow
GSSAPI accepted as authentication type
GSSAPI error major: Miscellaneous failure
GSSAPI error minor: No credential cache found
GSSAPI error: initializing context
GSSAPI authentication failed
334 Using authentication typy KERBEROS_V4; ADAT must follow
KERBEROS_V4 accepted as authentication type
kerberos_V4 krb_mk_req failed: you have no tickets cached
name (127.0.0.1:root): root
530 Must perform authentication before identifying USER
Login failed
Remote system type is UNIX
Using binary mode to transfer files.
ftp>

2)
does'nt show anything

3)
ftpcopy-0.5.1-1
tftp-server-0.29-3
ftp-0.17-15
vsfstp-1.1.0-1
gftp-2.0.13-5
wu-ftpd-2.6.2-8
lftp-2.5.2-5
anonftp-4.0-12
tftp-0.29-3
ncftp-3.1.3-6

4)
well here
gssftp = on
tfpt = on
wu-ftpd = on
telnet = on

Author

Commented:
answer three output

ftp-0.17-15
grep-2.5.1-4
Top Expert 2005
Commented:
The answer lines in the output of query 4 (gssftp = on). That indicates that a Kerberized FTP server is enabled
and it is what is causing the problem. That is fixable by editing /etc/xinetd.d/gssftp and including 'disable = yes'.
Then reboot or issue the command 'killall -HUP xinetd' to cause the configuration to be re-read. At that point an
'ftp 127.0.0.1' should return the greeting for wu-ftpd and you should be able to access the FTP server from
other systems.