Recommendation for [EMAIL PROTECTED] : install another ftp option rather than gssftp and tftp, such
as vsftpd.
Details for anyone who is interested:
I posted a week or so ago about how we had 3 polycom phones that were not updating their bootroms via the ftp server. I was using gssftp rather than tftp as it is recommended not to use tftp with polycom phones on the wiki. Gssftp is the alternative supplied on [EMAIL PROTECTED]
Anyway, I got kerberos authentication errors with gssftp and could not connect when I ftp'd by hand. I fixed this by changing the line:
server_args = -l -a
to
server_args = -l
in the /etc/xinetd.d/gssftp file.
I still got kerberos errors when ftping in by hand, but I could put and get files no problem, there was only the errors on log in. The phones were able to connect and upload their log files so I assumed that ftp access was working.
Anyway, after wasting a lot of time trying to get support through Polycom, and playing around with things, I finally decided that maybe these error messages were causing a problem for the phones.
I googled around on these errors and "gssftp" and I did not find much joy. I couldn't find a definitive list of what possibilities go into "server_args" and kerberos seems rather arcane even for someone who has been a Linux user for 12 years like me. (I guess I just moved from the "unsecure" days of Linux directly to the "ssh" days of Linux and bypassed the kerberos era.)
Anyway, the one thing I found by googling was that a lot of people have the same problem I have. I could not find anyone saying "to fix that, do this configuration to gssftp". Instead I found a lot of people saying "to fix that, install a nicer ftp like vsftpd". So, I did. And the phones worked immediately... just reboot and they could get their configurations and bootrom updates and I was off to the races.
So... mucking around with gssftp wasted a lot of my time and now I really really hate it :) My asterisk box is sitting pretty behind a firewall so I don't have a lot of need for network security. With vsftpd I still get a funny kerberos message (I'm wondering if I can just uninstall kerberos because I really don't want to have anything to do with it... any comments?) Here is what I get when I ftp to my asterisk box from the commandline:
220 (vsFTPd 1.2.1) 530 Please login with USER and PASS. 530 Please login with USER and PASS. KERBEROS_V4 rejected as an authentication type
Anyway, I just thought this would be a good place to throw the idea out of using a different ftp option for Asterisk. There is an vsftpd RPM in the CentOS distribution. Also, thought I would report on this so that if anyone has the same errors they might have a chance of finding this post and following the same steps.
Don
_______________________________________________ Asterisk-Users mailing list [email protected] http://lists.digium.com/mailman/listinfo/asterisk-users To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
