Solved

FTPerror.NETRC

Posted on 2011-03-04
Last Modified: 2012-05-11
I have a shell script that uses ftp to copy files from one machine to another machine.

/sips @ ftp rs100
connect to rs100.xx.xx
220 rs100 FTP server ready
Error - .netrc file not correct mode
Remove password or correct mode
221 goodbye

Does this mean the .netrc file on server a has an incorrect password?

I added a line for the correct password for sips and I tried it manually and it works.

Any idea?
0
Question by:sam15
 
LVL 2

Assisted Solution

by:clayhopkins
clayhopkins earned 200 total points
ID: 35039259
It probably means you either don't have access to read the source file, or write access on the destination folder.  Start by verifying that the ftp user or the usergroup that the ftp user belongs to has the correct permissions in both places.
0
 
LVL 19

Expert Comment

by:simon3270
ID: 35039365
The .netrc file must only be readable and writable by the owner - not by group or other.

so

   chmod 600 ~/.netrc

and try again
0
 

Author Comment

by:sam15
ID: 35041017
Kind of strange.

When I did chmod 600 it seems to run but I ran into other issues.

I had chmod 777 on the .netrc file, can this be an issue?

Also, I have 3 accounts in the .netrc file. Which login does it read?
0
 
LVL 2

Assisted Solution

by:clayhopkins
clayhopkins earned 200 total points
ID: 35041923
chmod of 777 means anyone that can access your machine has full permissions (read, write, execute) on that file.  Not a good thing!  It should only be accessible by the file owner, hence the chmod of 600 as shown by simon.

Do you have three accounts listed under one machine name in the .netrc, or three machines each with their own user account?  There should only be one username/password pair per machine listed.
0
 
LVL 19

Expert Comment

by:simon3270
ID: 35044422
Not only can anyone read and write your .netrc file (with 777 permissions), but the ftp program will ignore it.  It will *only* read that file and use the entries in it if the permissions are 600 (or 400 or 700, but 600 will do fine).
0
 

Author Comment

by:sam15
ID: 35046548
.netrc had two machines (one account for each).

Then I added a second account (3rd line) for the 1st machine. Does this impact anything? Would the program use the first line or the 3rd line?

Are you also saying that the ftp program would not run with 777 permissions assigned? Kind of strange. Let us say I want all users or programs owned by others to run it.
0
 
LVL 19

Accepted Solution

by:
simon3270 earned 300 total points
ID: 35046648
You can only have one account on each machine in .netrc - when you run the ftp program, it uses the supplied machine name to look up the single username and password to use.  If you have two accounts in .netrc for the same machine, the result may not be consistent or reliable.

Since ftp uses the exact hostname to look up the entry, it is possible to have two accounts on one machine if there is an alias available for that machine.  For example, if you are accessing a machine on your network and you can either use the bare hostname (e.g. ftpserv), or the hostname+domain (e.g. ftpserv.homedom.com), then you could have one entry in .netrc using ftpserv, and another for another account using ftpserv.homedom.com.  You then use the correct name for the account you want to access.

The .netrc file is specific to a single user (since it is in that user's home directory), and only that user can be allowed to read/write it.  If the file is readable or writable by anyone else (in the same group or not), then the ftp program will either ignore it (and prompt for username/password) or will, as in your case, stop.  

The permissions for the ftp program itself are separate.  They will probably be 755 or 555, so that anyone can execute the program, but only the owner can write to it (for 755) or nobody can write to it (for 555).  Having 777 permissions on the ftp program is very dangerous - it means that anyone can overwrite the program with a potentially dangerous new version.

So, on my local machine, I have:

$ ls -lL ~/.netrc /usr/bin/ftp
-rw------- 1 sr    sr     61 2011-02-04 15:23 /home/sr/.netrc
-rwxr-xr-x 1 root root 74123 2010-05-14 03:45 /usr/bin/ftp


0
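
A small audit for the two issues covered in this thread (the .netrc file mode, and more than one entry for the same machine name), as an added example that is not part of any poster's answer. The function names and the host rs200 are made up for illustration, the sample file is constructed, and macdef blocks are assumed absent.

```shell
#!/bin/sh
# Succeeds only if group and other have no permissions (600, 400 or 700).
netrc_mode_ok() {
    [ -f "$1" ] || return 2
    # Characters 5-10 of the ls mode string are the group/other bits.
    perms=$(ls -ldL -- "$1" | cut -c5-10)
    [ "$perms" = "------" ]
}

# Prints each machine name that has more than one entry, one per line.
# Assumption: plain machine/login/password/account tokens, no macdef blocks.
netrc_dup_machines() {
    awk '{
        for (i = 1; i <= NF; i++) {
            if (state == "host") { count[$i]++; state = "" }
            else if (state == "value") state = ""   # skip login/password values
            else if ($i == "machine") state = "host"
            else if ($i == "login" || $i == "password" || $i == "account") state = "value"
        }
    }
    END { for (h in count) if (count[h] > 1) print h }' "$1" | sort
}

# Runs both checks; returns 1 if either problem is found.
netrc_audit() {
    file=${1:-$HOME/.netrc}
    rc=0
    if ! netrc_mode_ok "$file"; then
        echo "$file: accessible by group/other, run: chmod 600 $file"
        rc=1
    fi
    dups=$(netrc_dup_machines "$file")
    if [ -n "$dups" ]; then
        echo "$file: more than one entry for machine:" $dups
        rc=1
    fi
    return $rc
}

# Constructed sample matching the thread: a second account added for rs100.
write_sample() {
    printf '%s\n' 'machine rs100 login sips password EXAMPLE' \
        'machine rs200 login sips password EXAMPLE' \
        'machine rs100 login other password EXAMPLE' > "$1"
}

sample=$(mktemp) && write_sample "$sample"
chmod 777 "$sample"; netrc_audit "$sample" || true   # reports both problems
chmod 600 "$sample"; netrc_audit "$sample" || true   # duplicate remains
rm -f "$sample"
```

Called with no argument, `netrc_audit` checks `$HOME/.netrc`.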
