Solved

Sun Solaris 9  not accepting FTP request

Posted on 2009-05-14
26
1,410 Views
Last Modified: 2013-12-09
Sun Box is plugged into a small 8 port hub along with my laptop (running XP). From my PC I can ping and SSH to the Sun box, but a timeout occurs when attempting a FTP login from PC. Wireshark (on PC) reveals there isn't any response at all  to the FTP SYN packets sourced from my PC. The Sun box is setup as a System Installation Server . Note I can establish FTP sessions with other similar SIS servers in my company using the same PC. When I log in successfully via SSH to this particular box, my prompt doesn't look like propmts on other SIS boxes. For one it doesn't append the hostname to the local path name and it ends up being just a "$" without any path, and remains this way when changing directories. I'm not sure if these are clues to the FTP problem or not.
=============================================================================
login as: sis
Password:
Last login: Wed May 13 19:42:37 2009 from 10.9.146.14
Sun Microsystems Inc.   SunOS 5.9       Generic May 2002
-sh: H: not found
-sh: PATH=:.:/usr/bin: is not an identifier
=============================================================================
I did some searching on the EE website for hints and clues and am including output of troubleshooting steps taken by others with similar FTP problems. Hopefully I won't have to reinstall the O/S to make this work. I did try toggling the passive transfer mode on/off.
=============================================================================
$ cat /etc/release
                       Solaris 9 12/03 s9s_u5wos_08b SPARC
           Copyright 2003 Sun Microsystems, Inc.  All Rights Reserved.
                        Use is subject to license terms.
                           Assembled 21 November 2003
$
$ cat /etc/ftpd/ftpusers
# ident "@(#)ftpusers   1.4     01/08/27 SMI"
#
# List of users denied access to the FTP server, see ftpusers(4).
#
#root
daemon
bin
sys
adm
lp
uucp
nuucp
smmsp
listen
nobody
noaccess
nobody4
$
$ ls -l /dev/null
lrwxrwxrwx   1 root     other         27 May  4  2007 /dev/null -> ../devices/pseudo/mm@0:null
$
$ ls -lL /dev/null
crw-rw-rw-   1 root     sys       13,  2 May 14 05:01 /dev/null
$
$ ls -al > /dev/null
$

$ ls -ld /dev
drwxr-xr-x  18 root     sys         3584 May 13 10:28 /dev
0
Comment
Question by:Link
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 14
  • 12
26 Comments
 
LVL 40

Expert Comment

by:omarfarid
ID: 24383734
can you do ftp 0 after login via ssh? what do you get?
0
 

Author Comment

by:Link
ID: 24383814
Do you mean type "ftp 0" after  I ssh from my pc into the sun box?
0
 

Author Comment

by:Link
ID: 24383832
Sorry, I meant to ask do you want me to enter thsi command on my PC when ssh'd into the SUN box?
0
Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

 
LVL 40

Expert Comment

by:omarfarid
ID: 24383835
yes, I basically wants to see if you can ftp to your server from itself
0
 

Author Comment

by:Link
ID: 24383895
Yes, that works
0
 
LVL 40

Expert Comment

by:omarfarid
ID: 24384109
then it could be that you have a firewall stopping you from connecting via ftp ports 20 and 21
0
 

Author Comment

by:Link
ID: 24384249
It would have to be a software firewall on the sun box as the PC isn't restricting FTP to other boxes and both endpoints are plugged directly into a dumb hub.
0
 
LVL 40

Expert Comment

by:omarfarid
ID: 24388867
which ftp client are you using?
0
 

Author Comment

by:Link
ID: 24388987
It's called WS_FTP95 LE. Not sure where I got it, but it was free, easy to use, and been pretty reliable for a number of years now...currently it's working correctly with another box. I haven't checked O/S patch levels between these  two systems as I have the feeling there's something else wrong. I'm not a Solaris expert but had wondered why the prompt doesn't display as it should with hostname:path.
0
 
LVL 40

Expert Comment

by:omarfarid
ID: 24389006
Is your problem in ftping to the box or in the prompt setting? and which prompt is it?
0
 

Author Comment

by:Link
ID: 24389118
FTP doen't work as stated above. I just wondered why other boxes have hostname:path as the prompt and this one logs in with a "$" prompt and doesn't display the path as part of the prompt even when changing directories. The $ prompt doesn't appear to be a problem by itself...I guess this is configurable, right? But as I don't really know, I thought I'd confuse the issue by throwing it in there ;-)
0
 
LVL 40

Expert Comment

by:omarfarid
ID: 24389371
0
 

Author Comment

by:Link
ID: 24389458
I'll try and fix that....but what is the meaning of the following messages when I log in?
-sh: H: not found
-sh: PATH=:.:/usr/bin: is not an identifier
0
 
LVL 40

Expert Comment

by:omarfarid
ID: 24389517
remove the 1st : in PATH setting. try

PATH=.:/usr/bin
0
 
LVL 40

Expert Comment

by:omarfarid
ID: 24389543
if you still have a problem please post your .profile file

Do you know if you have a firewall / tcp wrapper installed on your system?
0
 

Author Comment

by:Link
ID: 24390600
ok, I'll work the prompt issue on the side...Not sure, how do I check for firewall/tcp wrapper?
0
 

Author Comment

by:Link
ID: 24398501

By monitoring the console and simultaneously using the FTP tool to login I now see the problem

$ May 15 13:04:07 trngsis ip: ipsec_check_global_policy: Policy Failure for the
incoming packet (not secure); Source 010.009.146.014, Destination 010.009.146.01
5.

1. Does this mean I have to use SFTP?
2. Is there a way to check if I have a firewall tcp wrapper installed? I got this system from another department in another location.

I will try a SFTP tool and report back.


Regarding your suggestions on the system prompt I need some help with the .profile settings as they didn't seem to take hold. After saving them and running the .profile (and even rebooting) it  still results in the same prompt and login messages...follow along below.
NOTE: I commented out each of the 2 lines in .profile and added your modifications below them.

====================================================================================
$ id
uid=100(sis) gid=1(other)
$ pwd
/export/home/sis
$ ls -lrt .profile
-rwxr-xr-x   1 sis      other        350 May 15 11:21 .profile
$ cat .profile
#       This is the default standard profile provided to a user.
#       They are expected to edit it to meet their own needs.

MAIL=/usr/mail/${LOGNAME:?}
stty erase ^H
#export PATH=:.:$PATH
export PATH=.:$PATH

ENV=$HOME/.kshrc
export ENV
#PS1="`hostname`:$PWD > "
PS1="$LOGNAME@`uname -n`:\$PWD > "
#PATH=/usr/local/bin:$PATH
PATH=/usr/bin:$PATH
====================================================================================
Running the file has no effect on the prompt...

$ ./.profile
./.profile: H: not found
./.profile: PATH=.:/usr/bin: is not an identifier
$
====================================================================================
Rebooting has no effect on the prompt...still get "-sh: H: not found"
and "-sh: PATH=.:/usr/bin:: is not an identifier"
I think I know the "sh: H: not found" problem but not the other.
====================================================================================
# init 6        
#
INIT: New run level: 6            
system b
The system is coming down.  Please wait.nu.                                    
System services are now being stopped.ve menu choices on the same line inste
Print services already stoppe                            
rebooting...            
Resetting ...            


Sun Blade 150 (UltraSPARC-IIe 550MHz), No Keyboard          

Ethernet address 0:3:ba:7b:65:59, Host ID: 837b6559.



Rebooting with command: boot
Boot device: disk  File and args:
SunOS Release 5.9 Version Generic_122300-05 64-bit
Copyright 1983-2003 Sun Microsystems, Inc.  All rights reserved.
Use is subject to license terms.
configuring IPv4 interfaces: eri0.
Hostname: trngsis
The system is coming up.  Please wait.
starting rpc services: rpcbind done.
Setting netmask of eri0 to 255.255.255.224
Setting default IPv4 interface for multicast: add net 224.0/4: gateway trngsis
syslog service starting.
May 15 13:07:24 trngsis sendmail[192]: My unqualified host name (trngsis) unknow
n; sleeping for retry
May 15 13:07:24 trngsis sendmail[191]: My unqualified host name (trngsis) unknow
n; sleeping for retry
volume management starting.
The system is ready.

trngsis console login:sis
Password:
Last login: Fri May 15 13:03:48 on console
Sun Microsystems Inc.   SunOS 5.9       Generic May 2002
-sh: H: not found
-sh: PATH=.:/usr/bin:: is not an identifier
$

====================================================================================
Not sure if you need them but below are 2 more files .kshrc file and /etc/profile
====================================================================================

$ ls -lrt .kshrc
-rwxr-xr-x   1 sis      other         98 Mar 31  2005 .kshrc
$ cat .kshrc
#user defined function for path display
_cd()
{
  cd $1
  PS1="`uname -n`:$PWD> "
}

alias cd=_cd
$

$ cd /etc
$ ls -lrt profile
-rw-r--r--   1 root     sys          712 May  4  2007 profile
$ cat profile
#ident  "@(#)profile    1.19    01/03/13 SMI"   /* SVr4.0 1.3   */

# The profile that all logins get before using their own .profile.

trap ""  2 3
export LOGNAME PATH

if [ "$TERM" = "" ]
then
        if /bin/i386
        then
                TERM=sun-color
        else
                TERM=sun
        fi
        export TERM
fi

#       Login and -su shells get /etc/profile services.
#       -rsh is given its environment in its .profile.

case "$0" in
-sh | -ksh | -jsh | -bash)

        if [ ! -f .hushlogin ]
        then
                /usr/sbin/quota
                #       Allow the user to break the Message-Of-The-Day only.
                trap "trap '' 2"  2
                /bin/cat -s /etc/motd
                trap "" 2

                /bin/mail -E
                case $? in
                0)
                        echo "You have new mail."
                        ;;
                2)
                        echo "You have mail."
                        ;;
                esac
        fi
esac

umask 022
trap  2 3
$

====================================================================================
Just for the heck of it I cut and pasted each line from the .profile to the command line....that at least changed the prompt (but not using the current path as part of it)
====================================================================================
$
$ MAIL=/usr/mail/${LOGNAME:?}
$ stty erase ^H
H: not found
$ export PATH=.:$PATH
PATH=.:/usr/bin: is not an identifier
$ ENV=$HOME/.kshrc
$ export ENV
$ PS1="$LOGNAME@`uname -n`:\$PWD > "
sis@trngsis:$PWD > PATH=/usr/bin:$PATH
sis@trngsis:$PWD >
====================================================================================
Now I see the a couple of things
     - The prompt has changed but still doesn't use the current path but $PWD instead
     - stty erase line needs something other than an ^H to represent the backspace key (I'm not worried about this now)
      - If I logout and back in agan the changes do not take effect, the old "$" is still used
1. How do I make the PWD be and change with the the current path?
2. How do I make the .profile run to accept the changes and stay persistant throughout reboots?
====================================================================================




0
 
LVL 40

Expert Comment

by:omarfarid
ID: 24400830
what is your login shell?
0
 

Author Comment

by:Link
ID: 24401061
I don't know
0
 
LVL 40

Expert Comment

by:omarfarid
ID: 24401786
run the following command and post results

set
0
 

Author Comment

by:Link
ID: 24403378
$ set
HOME=/export/home/sis
IFS=

LC_COLLATE=en_US.ISO8859-1
LC_CTYPE=en_US.ISO8859-1
LC_MESSAGES=C
LC_MONETARY=en_US.ISO8859-1
LC_NUMERIC=en_US.ISO8859-1
LOGNAME=sis
MAIL=/usr/mail/sis
MAILCHECK=600
OPTIND=1
PATH=/usr/bin
PS1=$
PS2=>
SHELL=/bin/sh
SSH_CLIENT=10.9.146.14 1043 22
SSH_CONNECTION=10.9.146.14 1043 10.9.146.15 22
SSH_TTY=/dev/pts/1
TERM=xterm
TZ=US/Eastern
USER=sis
$
0
 
LVL 40

Assisted Solution

by:omarfarid
omarfarid earned 300 total points
ID: 24403591
Your shell is Bourne shell (sh) and it does not support dynamic change of prompt. You may change login shell to ksh or bash (not recommended for root user).
0
 

Author Comment

by:Link
ID: 24403666
Interesting....If you don't mind I'm going to look at some other "known operational workstations" to see how they are setup, then change to align with them. I'm guessing our SIS server is setup for our specific application.
0
 

Author Comment

by:Link
ID: 24403894
Ok, took a look at another on properly functions SIS server of SET and .profile. There are several differences.
1. How can I make my system look like this one? The didderences I see are...
Good system has additional and different and missing lines as follows
     ENV=/export/home/sis/.kshrc....................addition
     HZ=100......................................................addition
     LC_TIME=en_US.IS08859-1.......................addition
     PATH=/usr/sbin:/usr/bin.............................different
     PS1=#.........................................................different
     PWD=/export/home/sis...............................addition
     SHELL=/usr/bin/ksh....................................different

     SSH_CLIENT......<address/port>.................missing
     SSH_CONNECTION......<address/port>.......missing
     SSH_TTY.../dev/pts/1..................................missing

2. After figuring out how to change shells I should probably put back the earlier changes made to .profile.
 


===================================================================================
#set
ENV=/export/home/sis/.kshrc
HOME=/export/home/sis
HZ=100
IFS=

LC_COLLATE=en_US.ISO8859-1
LC_CTYPE=en_US.ISO8859-1
LC_MESSAGES=C
LC_MONETARY=en_US.ISO8859-1
LC_NUMERIC=en_US.ISO8859-1
LC_TIME=en_US.ISO8859-1
LOGNAME=sis
MAIL=/usr/mail/sis
MAILCHECK=600
OPTIND=1
PATH=/usr/sbin:/usr/bin
PS1=#
PS2=>
PWD=/export/home/sis
SHELL=/usr/bin/ksh
TERM=xterm
TZ=US/Eastern
_=/usr/bin/su
#


#cat .profile
#       This is the default standard profile provided to a user.
#       They are expected to edit it to meet their own needs.

MAIL=/usr/mail/${LOGNAME:?}
stty erase ^H
export PATH=:.:$PATH

ENV=$HOME/.kshrc
export ENV
PS1="`hostname`:$PWD > "
PATH=/usr/local/bin:$PATH
===================================================================================
0
 
LVL 40

Assisted Solution

by:omarfarid
omarfarid earned 300 total points
ID: 24404713
to change shell you need root user to do that (if you are not the system admin, then request your root user - admin to change login shell for you). You need to change it in /etc/passwd file, and it is last field in the user line. Some of the env variables can be changed by adding them to .profile file in your home dir.

Some of tne env variables should not be changed by you manually, like

SHELL
PWD
HOME
0
 

Accepted Solution

by:
Link earned 0 total points
ID: 24450386
The FTP solution was fixed by adding ipaddress of my pc with the
 /usr/local/bin/permitTrustedHost <ip-address>

after that ftp worked.
0

Featured Post

The Eight Noble Truths of Backup and Recovery

How can IT departments tackle the challenges of a Big Data world? This white paper provides a roadmap to success and helps companies ensure that all their data is safe and secure, no matter if it resides on-premise with physical or virtual machines or in the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If, like me, you have a lot of Dell servers in the estate you manage this article should save you a little time. When attempting to login to iDrac on any server I would be presented with two errors. The first reads "Do you want to run this applicati…
Cloud file services can fill many different roles for your business. Often, the use of cloud file services begins with employees using consumer products, like Dropbox, to share files with customers and each other. While sync-and-share can be an effe…
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…
Suggested Courses

631 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question