Re: FTP Server Access Error
On Fri, 26 Aug 2011, Pablo Cavero wrote: --000e0cd2e6ac8ff33a04ab6e36d4 Content-Type: text/plain; charset=ISO-8859-1 Hi, Please Help me about this error: [root@Deimos ~]# ftp Selene Connected to Selene (172.20.1.177). 220 (vsFTPd 2.2.2) Name (Selene:root): pablo 331 Please specify the password. Password: 500 OOPS: cannot change directory:/home/pablo Login failed. ftp ftp Thx a lot!! You need to verify that /home/pablo exists. -Connie Sieh
Re: FTP Server Access Error
Hi, By Default this directory have an 700 like permissions. [root@Selene home]# ll total 8 drwx--. 4 pablo pablo 4096 Aug 18 14:31 pablo but, inside of this directory, have an Root file?!?!? [root@Selene pablo]# ls -la total 28 drwx--. 4 pablo pablo 4096 Aug 18 14:31 . *drwxr-xr-x. 4 root root 4096 Aug 26 16:57 ..* -rw-r--r--. 1 pablo pablo 18 Nov 22 2010 .bash_logout -rw-r--r--. 1 pablo pablo 176 Nov 22 2010 .bash_profile -rw-r--r--. 1 pablo pablo 124 Nov 22 2010 .bashrc drwxr-xr-x. 2 pablo pablo 4096 Nov 23 2010 .gnome2 drwxr-xr-x. 4 pablo pablo 4096 Aug 18 13:06 .mozilla [root@Selene pablo]# And... am not running SE-Linux. Thanx, P.Cavero 2011/8/26 Kevin Thomas axel2...@gmail.com What are the permissions on /home/pablo? On Fri, Aug 26, 2011 at 3:15 PM, Pablo Cavero pcavero.scienti...@gmail.com wrote: Hi, Please Help me about this error: [root@Deimos ~]# ftp Selene Connected to Selene (172.20.1.177). 220 (vsFTPd 2.2.2) Name (Selene:root): pablo 331 Please specify the password. Password: 500 OOPS: cannot change directory:/home/pablo Login failed. ftp ftp Thx a lot!! -- Pablo Cavero System Engineer +569 8920 9509 -- Pablo Cavero System Engineer +569 8920 9509
Re: FTP Server Access Error
On Monday, August 29, 2011 18:11:33 Pablo Cavero wrote: Hi, By Default this directory have an 700 like permissions. [root@Selene home]# ll total 8 drwx--. 4 pablo pablo 4096 Aug 18 14:31 pablo but, inside of this directory, have an Root file?!?!? [root@Selene pablo]# ls -la total 28 drwx--. 4 pablo pablo 4096 Aug 18 14:31 . drwxr-xr-x. 4 root root 4096 Aug 26 16:57 .. the .. entry in the directory listing refers to the parent directory of the directory that is listed. And in the case of your home dir .. refers to the /home or whereever the home directories are stored on your installation which is owned by root. Cheers, Andreas smime.p7s Description: S/MIME cryptographic signature
Re: ftp
Does the account that you are trying to ftp into on the server side have a valid shell? is that shell listed in /etc/shells? Is ftpd open in the iptables on the server side, and in /etc/hosts.allow, hosts.deny? Steve On Thu, 30 Jul 2009, Ron Rechenmacher wrote: Hi, I'm having trouble connecting to a SLF5 kerberized ftpd from an SLF5 kerberized ftp client. On the server, I'm using: rpm -qf /usr/kerberos/sbin/ftpd krb5-workstation-1.6.1-31.el5_3.3.x86_64 On the client, I'm using: rpm -qf rpm -qf /usr/kerberos/bin/ftp krb5-workstation-1.6.1-31.el5_3.3.x86_64 On the client side, I get: ... GSSAPI error major: Unspecified GSS failure. Minor code may provide more information GSSAPI error minor: Permission denied GSSAPI error: acquiring credentials GSSAPI ADAT failed GSSAPI authentication failed ... and on the server side, in /var/log/messages, I get: ... ftpd[25305]: gssapi error acquiring credentials ... I do have a valid ticket! and I can connect to another SLF5 node, so it seems to be a server issue. I've tried looking at the kdc logs on fnalu... I use to be able to tail -f the log in the tmp directory but now I can just see a log file that seems to be several hours old. In that log file, however, I do see an ISSUE: line for my server, so it would appear that I do have a valid ftp principal. Any suggestions? Thanks, Ron -- -- Steven C. Timm, Ph.D (630) 840-8525 t...@fnal.gov http://home.fnal.gov/~timm/ Fermilab Computing Division, Scientific Computing Facilities, Grid Facilities Department, FermiGrid Services Group, Assistant Group Leader.
Re: ftp
Hi Steve, The account is my own user account and I can ssh to it. I currently have iptables off. I do have: ftpd: ALL in /etc/hosts.allow and ALL: ALL: banners /etc/banners in host.deny (again, I can ssh into the node just fine). Thanks for the reply. This problem is puzzling to me. I tied added the -v option (actually -v -v -v just in case) to server_args in xinetd.d/gssftp. I just get the additional info of importing the ftp and host principal info (from the keytab). In my /etc/krb5.keytab file I do see something a bit strange: The KVNO for the ftp entry is 3 while the host line has KVNO 6. --Ron Steven Timm wrote: Does the account that you are trying to ftp into on the server side have a valid shell? is that shell listed in /etc/shells? Is ftpd open in the iptables on the server side, and in /etc/hosts.allow, hosts.deny? Steve On Thu, 30 Jul 2009, Ron Rechenmacher wrote: Hi, I'm having trouble connecting to a SLF5 kerberized ftpd from an SLF5 kerberized ftp client. On the server, I'm using: rpm -qf /usr/kerberos/sbin/ftpd krb5-workstation-1.6.1-31.el5_3.3.x86_64 On the client, I'm using: rpm -qf rpm -qf /usr/kerberos/bin/ftp krb5-workstation-1.6.1-31.el5_3.3.x86_64 On the client side, I get: ... GSSAPI error major: Unspecified GSS failure. Minor code may provide more information GSSAPI error minor: Permission denied GSSAPI error: acquiring credentials GSSAPI ADAT failed GSSAPI authentication failed ... and on the server side, in /var/log/messages, I get: ... ftpd[25305]: gssapi error acquiring credentials ... I do have a valid ticket! and I can connect to another SLF5 node, so it seems to be a server issue. I've tried looking at the kdc logs on fnalu... I use to be able to tail -f the log in the tmp directory but now I can just see a log file that seems to be several hours old. In that log file, however, I do see an ISSUE: line for my server, so it would appear that I do have a valid ftp principal. Any suggestions? Thanks, Ron
Re: ftp
What happens, if, as root on the server, you do kinit -k ftp/hostn...@fnal.gov klist -f That will show you if the ftp principal in the keytab is OK. Given the different version numbers it might not be. Steve On Thu, 30 Jul 2009, Ron Rechenmacher wrote: Hi Steve, The account is my own user account and I can ssh to it. I currently have iptables off. I do have: ftpd: ALL in /etc/hosts.allow and ALL: ALL: banners /etc/banners in host.deny (again, I can ssh into the node just fine). Thanks for the reply. This problem is puzzling to me. I tied added the -v option (actually -v -v -v just in case) to server_args in xinetd.d/gssftp. I just get the additional info of importing the ftp and host principal info (from the keytab). In my /etc/krb5.keytab file I do see something a bit strange: The KVNO for the ftp entry is 3 while the host line has KVNO 6. --Ron Steven Timm wrote: Does the account that you are trying to ftp into on the server side have a valid shell? is that shell listed in /etc/shells? Is ftpd open in the iptables on the server side, and in /etc/hosts.allow, hosts.deny? Steve On Thu, 30 Jul 2009, Ron Rechenmacher wrote: Hi, I'm having trouble connecting to a SLF5 kerberized ftpd from an SLF5 kerberized ftp client. On the server, I'm using: rpm -qf /usr/kerberos/sbin/ftpd krb5-workstation-1.6.1-31.el5_3.3.x86_64 On the client, I'm using: rpm -qf rpm -qf /usr/kerberos/bin/ftp krb5-workstation-1.6.1-31.el5_3.3.x86_64 On the client side, I get: ... GSSAPI error major: Unspecified GSS failure. Minor code may provide more information GSSAPI error minor: Permission denied GSSAPI error: acquiring credentials GSSAPI ADAT failed GSSAPI authentication failed ... and on the server side, in /var/log/messages, I get: ... ftpd[25305]: gssapi error acquiring credentials ... I do have a valid ticket! and I can connect to another SLF5 node, so it seems to be a server issue. I've tried looking at the kdc logs on fnalu... I use to be able to tail -f the log in the tmp directory but now I can just see a log file that seems to be several hours old. In that log file, however, I do see an ISSUE: line for my server, so it would appear that I do have a valid ftp principal. Any suggestions? Thanks, Ron -- -- Steven C. Timm, Ph.D (630) 840-8525 t...@fnal.gov http://home.fnal.gov/~timm/ Fermilab Computing Division, Scientific Computing Facilities, Grid Facilities Department, FermiGrid Services Group, Assistant Group Leader.
Re: ftp
Thanks for this chant (I hadn't learned/used the -k flag before :) I was able to successfully kinit -k for both the host and ftp principals. So the ftp principal is OK and something else must be wrong. Thanks again Steve. --Ron Steven Timm wrote: What happens, if, as root on the server, you do kinit -k ftp/hostn...@fnal.gov klist -f That will show you if the ftp principal in the keytab is OK. Given the different version numbers it might not be. Steve On Thu, 30 Jul 2009, Ron Rechenmacher wrote: Hi Steve, The account is my own user account and I can ssh to it. I currently have iptables off. I do have: ftpd: ALL in /etc/hosts.allow and ALL: ALL: banners /etc/banners in host.deny (again, I can ssh into the node just fine). Thanks for the reply. This problem is puzzling to me. I tied added the -v option (actually -v -v -v just in case) to server_args in xinetd.d/gssftp. I just get the additional info of importing the ftp and host principal info (from the keytab). In my /etc/krb5.keytab file I do see something a bit strange: The KVNO for the ftp entry is 3 while the host line has KVNO 6. --Ron Steven Timm wrote: Does the account that you are trying to ftp into on the server side have a valid shell? is that shell listed in /etc/shells? Is ftpd open in the iptables on the server side, and in /etc/hosts.allow, hosts.deny? Steve On Thu, 30 Jul 2009, Ron Rechenmacher wrote: Hi, I'm having trouble connecting to a SLF5 kerberized ftpd from an SLF5 kerberized ftp client. On the server, I'm using: rpm -qf /usr/kerberos/sbin/ftpd krb5-workstation-1.6.1-31.el5_3.3.x86_64 On the client, I'm using: rpm -qf rpm -qf /usr/kerberos/bin/ftp krb5-workstation-1.6.1-31.el5_3.3.x86_64 On the client side, I get: ... GSSAPI error major: Unspecified GSS failure. Minor code may provide more information GSSAPI error minor: Permission denied GSSAPI error: acquiring credentials GSSAPI ADAT failed GSSAPI authentication failed ... and on the server side, in /var/log/messages, I get: ... ftpd[25305]: gssapi error acquiring credentials ... I do have a valid ticket! and I can connect to another SLF5 node, so it seems to be a server issue. I've tried looking at the kdc logs on fnalu... I use to be able to tail -f the log in the tmp directory but now I can just see a log file that seems to be several hours old. In that log file, however, I do see an ISSUE: line for my server, so it would appear that I do have a valid ftp principal. Any suggestions? Thanks, Ron
Re: ftp
The problem turned out to be that there seems to be an selinux configuration issue on my machine and I didn't notice that the setroubleshoot service die (I did suspect that there might be an selinux issue but I was expecting there to be log messages.) Any way, the problem for now is solved. --Ron
Re: ftp server functional?
Pann McCuaig wrote: Is ftp.scientificlinux.org working for anyone right now (13:25 EST)? Works fine here. Cheers, Mark -- Mr. Mark V. Stodola Digital Systems Engineer National Electrostatics Corp. P.O. Box 620310 Middleton, WI 53562-0310 USA Phone: (608) 831-7600 Fax: (608) 831-9591
Re: ftp server functional?
On Wed, Dec 10, 2008 at 12:35, Mark Stodola wrote: Pann McCuaig wrote: Is ftp.scientificlinux.org working for anyone right now (13:25 EST)? Works fine here. Mark, Yup, it's working for me now as well shrug. Thanks. Cheers, Pann -- Pann McCuaig [EMAIL PROTECTED]212-854-8689 Systems Coordinator, Economics Department, Columbia University Department Computing Resources: http://www.columbia.edu/cu/economics/computing/
Re: ftp ftp.scientificlinux.org problem
Yup, the same here in UK Cheers, Matteo Faye Gibbins wrote: Valery Mitsyn wrote: Hi, something unusual must have happened for the last two days w/ ftp to ftp.scientificlinux.org. It hang forever after: Connected to ftp.scientificlinux.org (131.225.110.41) Best regards, Valery Mitsyn Yeah, we've been experiencing that too. Both passive and active behave like this. Yours Faye -- Grid Systems Support Officer Oxford e-Research Centre (OeRC) http://www.oerc.ox.ac.uk
Re: ftp ftp.scientificlinux.org problem
We are researching the problem. Thanks for reporting it. -Connie Sieh On Mon, 11 Feb 2008, Valery Mitsyn wrote: Hi, something unusual must have happened for the last two days w/ ftp to ftp.scientificlinux.org. It hang forever after: Connected to ftp.scientificlinux.org (131.225.110.41) Best regards, Valery Mitsyn
Re: ftp ftp.scientificlinux.org problem
Valery Mitsyn wrote: Hi, something unusual must have happened for the last two days w/ ftp to ftp.scientificlinux.org. It hang forever after: Connected to ftp.scientificlinux.org (131.225.110.41) Best regards, Valery Mitsyn Yeah, we've been experiencing that too. Both passive and active behave like this. Yours Faye -- - Faye Gibbins, Computing Officer (Infrastructure Services) - I grabbed at spannungsbogen before I knew I wanted it. The University of Edinburgh is a charitable body, registered in Scotland, with registration number SC005336.
