Solved

Sun Solaris 9  not accepting FTP request

Posted on 2009-05-14
26
1,399 Views
Last Modified: 2013-12-09
Sun Box is plugged into a small 8 port hub along with my laptop (running XP). From my PC I can ping and SSH to the Sun box, but a timeout occurs when attempting a FTP login from PC. Wireshark (on PC) reveals there isn't any response at all  to the FTP SYN packets sourced from my PC. The Sun box is setup as a System Installation Server . Note I can establish FTP sessions with other similar SIS servers in my company using the same PC. When I log in successfully via SSH to this particular box, my prompt doesn't look like propmts on other SIS boxes. For one it doesn't append the hostname to the local path name and it ends up being just a "$" without any path, and remains this way when changing directories. I'm not sure if these are clues to the FTP problem or not.
=============================================================================
login as: sis
Password:
Last login: Wed May 13 19:42:37 2009 from 10.9.146.14
Sun Microsystems Inc.   SunOS 5.9       Generic May 2002
-sh: H: not found
-sh: PATH=:.:/usr/bin: is not an identifier
=============================================================================
I did some searching on the EE website for hints and clues and am including output of troubleshooting steps taken by others with similar FTP problems. Hopefully I won't have to reinstall the O/S to make this work. I did try toggling the passive transfer mode on/off.
=============================================================================
$ cat /etc/release
                       Solaris 9 12/03 s9s_u5wos_08b SPARC
           Copyright 2003 Sun Microsystems, Inc.  All Rights Reserved.
                        Use is subject to license terms.
                           Assembled 21 November 2003
$
$ cat /etc/ftpd/ftpusers
# ident "@(#)ftpusers   1.4     01/08/27 SMI"
#
# List of users denied access to the FTP server, see ftpusers(4).
#
#root
daemon
bin
sys
adm
lp
uucp
nuucp
smmsp
listen
nobody
noaccess
nobody4
$
$ ls -l /dev/null
lrwxrwxrwx   1 root     other         27 May  4  2007 /dev/null -> ../devices/pseudo/mm@0:null
$
$ ls -lL /dev/null
crw-rw-rw-   1 root     sys       13,  2 May 14 05:01 /dev/null
$
$ ls -al > /dev/null
$

$ ls -ld /dev
drwxr-xr-x  18 root     sys         3584 May 13 10:28 /dev
0
Comment
Question by:TGarey123
  • 14
  • 12
26 Comments
 
LVL 40

Expert Comment

by:omarfarid
Comment Utility
can you do ftp 0 after login via ssh? what do you get?
0
 

Author Comment

by:TGarey123
Comment Utility
Do you mean type "ftp 0" after  I ssh from my pc into the sun box?
0
 

Author Comment

by:TGarey123
Comment Utility
Sorry, I meant to ask do you want me to enter thsi command on my PC when ssh'd into the SUN box?
0
 
LVL 40

Expert Comment

by:omarfarid
Comment Utility
yes, I basically wants to see if you can ftp to your server from itself
0
 

Author Comment

by:TGarey123
Comment Utility
Yes, that works
0
 
LVL 40

Expert Comment

by:omarfarid
Comment Utility
then it could be that you have a firewall stopping you from connecting via ftp ports 20 and 21
0
 

Author Comment

by:TGarey123
Comment Utility
It would have to be a software firewall on the sun box as the PC isn't restricting FTP to other boxes and both endpoints are plugged directly into a dumb hub.
0
 
LVL 40

Expert Comment

by:omarfarid
Comment Utility
which ftp client are you using?
0
 

Author Comment

by:TGarey123
Comment Utility
It's called WS_FTP95 LE. Not sure where I got it, but it was free, easy to use, and been pretty reliable for a number of years now...currently it's working correctly with another box. I haven't checked O/S patch levels between these  two systems as I have the feeling there's something else wrong. I'm not a Solaris expert but had wondered why the prompt doesn't display as it should with hostname:path.
0
 
LVL 40

Expert Comment

by:omarfarid
Comment Utility
Is your problem in ftping to the box or in the prompt setting? and which prompt is it?
0
 

Author Comment

by:TGarey123
Comment Utility
FTP doen't work as stated above. I just wondered why other boxes have hostname:path as the prompt and this one logs in with a "$" prompt and doesn't display the path as part of the prompt even when changing directories. The $ prompt doesn't appear to be a problem by itself...I guess this is configurable, right? But as I don't really know, I thought I'd confuse the issue by throwing it in there ;-)
0
 
LVL 40

Expert Comment

by:omarfarid
Comment Utility
0
 

Author Comment

by:TGarey123
Comment Utility
I'll try and fix that....but what is the meaning of the following messages when I log in?
-sh: H: not found
-sh: PATH=:.:/usr/bin: is not an identifier
0
Do email signature updates give you a headache?

Do you feel like you are constantly making changes to email signatures? Are the images not formatting how you want them to? Want high-quality HTML signatures on all devices, including on mobiles and Macs? Then, let Exclaimer solve all your email signature problems today.

 
LVL 40

Expert Comment

by:omarfarid
Comment Utility
remove the 1st : in PATH setting. try

PATH=.:/usr/bin
0
 
LVL 40

Expert Comment

by:omarfarid
Comment Utility
if you still have a problem please post your .profile file

Do you know if you have a firewall / tcp wrapper installed on your system?
0
 

Author Comment

by:TGarey123
Comment Utility
ok, I'll work the prompt issue on the side...Not sure, how do I check for firewall/tcp wrapper?
0
 

Author Comment

by:TGarey123
Comment Utility

By monitoring the console and simultaneously using the FTP tool to login I now see the problem

$ May 15 13:04:07 trngsis ip: ipsec_check_global_policy: Policy Failure for the
incoming packet (not secure); Source 010.009.146.014, Destination 010.009.146.01
5.

1. Does this mean I have to use SFTP?
2. Is there a way to check if I have a firewall tcp wrapper installed? I got this system from another department in another location.

I will try a SFTP tool and report back.


Regarding your suggestions on the system prompt I need some help with the .profile settings as they didn't seem to take hold. After saving them and running the .profile (and even rebooting) it  still results in the same prompt and login messages...follow along below.
NOTE: I commented out each of the 2 lines in .profile and added your modifications below them.

====================================================================================
$ id
uid=100(sis) gid=1(other)
$ pwd
/export/home/sis
$ ls -lrt .profile
-rwxr-xr-x   1 sis      other        350 May 15 11:21 .profile
$ cat .profile
#       This is the default standard profile provided to a user.
#       They are expected to edit it to meet their own needs.

MAIL=/usr/mail/${LOGNAME:?}
stty erase ^H
#export PATH=:.:$PATH
export PATH=.:$PATH

ENV=$HOME/.kshrc
export ENV
#PS1="`hostname`:$PWD > "
PS1="$LOGNAME@`uname -n`:\$PWD > "
#PATH=/usr/local/bin:$PATH
PATH=/usr/bin:$PATH
====================================================================================
Running the file has no effect on the prompt...

$ ./.profile
./.profile: H: not found
./.profile: PATH=.:/usr/bin: is not an identifier
$
====================================================================================
Rebooting has no effect on the prompt...still get "-sh: H: not found"
and "-sh: PATH=.:/usr/bin:: is not an identifier"
I think I know the "sh: H: not found" problem but not the other.
====================================================================================
# init 6        
#
INIT: New run level: 6            
system b
The system is coming down.  Please wait.nu.                                    
System services are now being stopped.ve menu choices on the same line inste
Print services already stoppe                            
rebooting...            
Resetting ...            


Sun Blade 150 (UltraSPARC-IIe 550MHz), No Keyboard          

Ethernet address 0:3:ba:7b:65:59, Host ID: 837b6559.



Rebooting with command: boot
Boot device: disk  File and args:
SunOS Release 5.9 Version Generic_122300-05 64-bit
Copyright 1983-2003 Sun Microsystems, Inc.  All rights reserved.
Use is subject to license terms.
configuring IPv4 interfaces: eri0.
Hostname: trngsis
The system is coming up.  Please wait.
starting rpc services: rpcbind done.
Setting netmask of eri0 to 255.255.255.224
Setting default IPv4 interface for multicast: add net 224.0/4: gateway trngsis
syslog service starting.
May 15 13:07:24 trngsis sendmail[192]: My unqualified host name (trngsis) unknow
n; sleeping for retry
May 15 13:07:24 trngsis sendmail[191]: My unqualified host name (trngsis) unknow
n; sleeping for retry
volume management starting.
The system is ready.

trngsis console login:sis
Password:
Last login: Fri May 15 13:03:48 on console
Sun Microsystems Inc.   SunOS 5.9       Generic May 2002
-sh: H: not found
-sh: PATH=.:/usr/bin:: is not an identifier
$

====================================================================================
Not sure if you need them but below are 2 more files .kshrc file and /etc/profile
====================================================================================

$ ls -lrt .kshrc
-rwxr-xr-x   1 sis      other         98 Mar 31  2005 .kshrc
$ cat .kshrc
#user defined function for path display
_cd()
{
  cd $1
  PS1="`uname -n`:$PWD> "
}

alias cd=_cd
$

$ cd /etc
$ ls -lrt profile
-rw-r--r--   1 root     sys          712 May  4  2007 profile
$ cat profile
#ident  "@(#)profile    1.19    01/03/13 SMI"   /* SVr4.0 1.3   */

# The profile that all logins get before using their own .profile.

trap ""  2 3
export LOGNAME PATH

if [ "$TERM" = "" ]
then
        if /bin/i386
        then
                TERM=sun-color
        else
                TERM=sun
        fi
        export TERM
fi

#       Login and -su shells get /etc/profile services.
#       -rsh is given its environment in its .profile.

case "$0" in
-sh | -ksh | -jsh | -bash)

        if [ ! -f .hushlogin ]
        then
                /usr/sbin/quota
                #       Allow the user to break the Message-Of-The-Day only.
                trap "trap '' 2"  2
                /bin/cat -s /etc/motd
                trap "" 2

                /bin/mail -E
                case $? in
                0)
                        echo "You have new mail."
                        ;;
                2)
                        echo "You have mail."
                        ;;
                esac
        fi
esac

umask 022
trap  2 3
$

====================================================================================
Just for the heck of it I cut and pasted each line from the .profile to the command line....that at least changed the prompt (but not using the current path as part of it)
====================================================================================
$
$ MAIL=/usr/mail/${LOGNAME:?}
$ stty erase ^H
H: not found
$ export PATH=.:$PATH
PATH=.:/usr/bin: is not an identifier
$ ENV=$HOME/.kshrc
$ export ENV
$ PS1="$LOGNAME@`uname -n`:\$PWD > "
sis@trngsis:$PWD > PATH=/usr/bin:$PATH
sis@trngsis:$PWD >
====================================================================================
Now I see the a couple of things
     - The prompt has changed but still doesn't use the current path but $PWD instead
     - stty erase line needs something other than an ^H to represent the backspace key (I'm not worried about this now)
      - If I logout and back in agan the changes do not take effect, the old "$" is still used
1. How do I make the PWD be and change with the the current path?
2. How do I make the .profile run to accept the changes and stay persistant throughout reboots?
====================================================================================




0
 
LVL 40

Expert Comment

by:omarfarid
Comment Utility
what is your login shell?
0
 

Author Comment

by:TGarey123
Comment Utility
I don't know
0
 
LVL 40

Expert Comment

by:omarfarid
Comment Utility
run the following command and post results

set
0
 

Author Comment

by:TGarey123
Comment Utility
$ set
HOME=/export/home/sis
IFS=

LC_COLLATE=en_US.ISO8859-1
LC_CTYPE=en_US.ISO8859-1
LC_MESSAGES=C
LC_MONETARY=en_US.ISO8859-1
LC_NUMERIC=en_US.ISO8859-1
LOGNAME=sis
MAIL=/usr/mail/sis
MAILCHECK=600
OPTIND=1
PATH=/usr/bin
PS1=$
PS2=>
SHELL=/bin/sh
SSH_CLIENT=10.9.146.14 1043 22
SSH_CONNECTION=10.9.146.14 1043 10.9.146.15 22
SSH_TTY=/dev/pts/1
TERM=xterm
TZ=US/Eastern
USER=sis
$
0
 
LVL 40

Assisted Solution

by:omarfarid
omarfarid earned 300 total points
Comment Utility
Your shell is Bourne shell (sh) and it does not support dynamic change of prompt. You may change login shell to ksh or bash (not recommended for root user).
0
 

Author Comment

by:TGarey123
Comment Utility
Interesting....If you don't mind I'm going to look at some other "known operational workstations" to see how they are setup, then change to align with them. I'm guessing our SIS server is setup for our specific application.
0
 

Author Comment

by:TGarey123
Comment Utility
Ok, took a look at another on properly functions SIS server of SET and .profile. There are several differences.
1. How can I make my system look like this one? The didderences I see are...
Good system has additional and different and missing lines as follows
     ENV=/export/home/sis/.kshrc....................addition
     HZ=100......................................................addition
     LC_TIME=en_US.IS08859-1.......................addition
     PATH=/usr/sbin:/usr/bin.............................different
     PS1=#.........................................................different
     PWD=/export/home/sis...............................addition
     SHELL=/usr/bin/ksh....................................different

     SSH_CLIENT......<address/port>.................missing
     SSH_CONNECTION......<address/port>.......missing
     SSH_TTY.../dev/pts/1..................................missing

2. After figuring out how to change shells I should probably put back the earlier changes made to .profile.
 


===================================================================================
#set
ENV=/export/home/sis/.kshrc
HOME=/export/home/sis
HZ=100
IFS=

LC_COLLATE=en_US.ISO8859-1
LC_CTYPE=en_US.ISO8859-1
LC_MESSAGES=C
LC_MONETARY=en_US.ISO8859-1
LC_NUMERIC=en_US.ISO8859-1
LC_TIME=en_US.ISO8859-1
LOGNAME=sis
MAIL=/usr/mail/sis
MAILCHECK=600
OPTIND=1
PATH=/usr/sbin:/usr/bin
PS1=#
PS2=>
PWD=/export/home/sis
SHELL=/usr/bin/ksh
TERM=xterm
TZ=US/Eastern
_=/usr/bin/su
#


#cat .profile
#       This is the default standard profile provided to a user.
#       They are expected to edit it to meet their own needs.

MAIL=/usr/mail/${LOGNAME:?}
stty erase ^H
export PATH=:.:$PATH

ENV=$HOME/.kshrc
export ENV
PS1="`hostname`:$PWD > "
PATH=/usr/local/bin:$PATH
===================================================================================
0
 
LVL 40

Assisted Solution

by:omarfarid
omarfarid earned 300 total points
Comment Utility
to change shell you need root user to do that (if you are not the system admin, then request your root user - admin to change login shell for you). You need to change it in /etc/passwd file, and it is last field in the user line. Some of the env variables can be changed by adding them to .profile file in your home dir.

Some of tne env variables should not be changed by you manually, like

SHELL
PWD
HOME
0
 

Accepted Solution

by:
TGarey123 earned 0 total points
Comment Utility
The FTP solution was fixed by adding ipaddress of my pc with the
 /usr/local/bin/permitTrustedHost <ip-address>

after that ftp worked.
0

Featured Post

What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

Suggested Solutions

Introduction People like FTP.  It's a solid, stable, robust protocol for quickly transferring files between two hosts using TCP/IP.  In most cases it's much faster than SMB or CIFS, and certainly much easier to set up between organizations.  This…
Online collaboration is quickly becoming embedded in the workplace, and its benefits are tangible. See what the current landscape looks like and what the future holds for collaboration tools and the future of work.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

8 Experts available now in Live!

Get 1:1 Help Now