Cannot ftp from EXTERNAL sender


Login or Register for Dates, Times and to Reply

 
Thread Tools Search this Thread
Top Forums UNIX for Beginners Questions & Answers Cannot ftp from EXTERNAL sender
# 1  
Cannot ftp from EXTERNAL sender

ood morning, i need your help please

from EXTERNAL sender somedy is trying to ftp by a public ip address this way

Code:
ftp 190.13.96.8
Connected to 190.13.96.8.
220 pricing01c FTP server ready.
Name (190.13.96.8:g803162): synverse
331 Password required for synverse.
Password:
530 Login incorrect.
Login failed.
ftp>

WE reset the passwd, localy from pricing01c trying to ftp but is not working

Code:
/produccion/explotacion/xptol # hostname
pricing01c
/produccion/explotacion/xptol # ftp pricing01c
Connected to 10.80.1.29.
220 pricing01c FTP server ready.
Name (10.80.1.29:xptol): synverse
331 Password required for synverse.
Password:
530 Login incorrect.
Login failed.

I cheked out the user and it exists:
Code:
/produccion/explotacion/xptol # grep synverse /etc/passwd
synverse:x:1141:118:661/C/*CDPTMR//DPE_CO_COLOMBIA TELECOMUNICACIONES SA-MIDRANGE - Usuario FTP synverse:/produccion01/explotacion/xproaming/tap3/dat/recepcion/archivos:/bin/false

This is the OS
Code:
etc/ftpd # uname -a
SunOS pricing01c 5.10 Generic_144488-01 sun4u sparc SUNW,SPARC-Enterprise

I checked out thet user into the ftpd directoty and found nothing:

Code:
etc/ftpd # ls -lrt
total 14
-rw-r--r--   1 root     sys          946 Jan 21  2005 ftpconversions
-rw-r--r--   1 root     sys          104 Jan 21  2005 ftpgroups
-rw-r--r--   1 root     sys          114 Jan 21  2005 ftpservers
-rw-r--r--   1 root     sys          108 Jan 21  2005 ftphosts
-rw-r--r--   1 root     sys          437 Feb  7  2011 ftpusers
-rw-r--r--   1 root     sys         1530 Mar  9  2011 ftpaccess
/etc/ftpd # uname -a
SunOS pricing01c 5.10 Generic_144488-01 sun4u sparc SUNW,SPARC-Enterprise
/etc/ftpd # 
/etc/ftpd # grep synverse ftp*

The admin found the account disabled because of multiple retries but enable and reset the passwd again, and we tried one more time bat failed

What else can i check it out ?
I appreciate your help in advanced

Last edited by rbatte1; 01-06-2020 at 11:36 AM..
# 2  
The ftpaccess file is probably blocking the user, as a guess, something is not configured correctly in there.

Reference: Controlling FTP Server Access - System Administration Guide: Network Services

First thing to check:
Usually there is a line in the file to allow access based on network ipv4 address, example: 10.192.*
Work through all of the settings carefully one by one because there are other kinds of settings to check. ftp is a security risk, so this file exists to control access.

FWIW: We disabled ftp in favor of sftp, with Putty (free) on all of the windows desktops that needed sftp access to files.
# 3  
Thank you very much for your help, to be honest is hard to me understand each line of this file, so ive got the edited file so far, dont know if it can help

Code:
/etc/ftpd # cat ftpaccess
# ident "@(#)ftpaccess  1.2     03/05/14 SMI"
#
# FTP server configuration file, see ftpaccess(4).
#

class           realusers       real            *
class           guestusers      guest           *
class           anonusers       anonymous       *

loginfails      3
passwd-check    trivial         warn
private         no
shutdown        /etc/ftpd/shutdown.msg
# email         user@hostname
# guestuser     username
# rhostlookup   no

keepalive       yes
recvbuf         65536           real,guest,anonymous
sendbuf         65536           real,guest,anonymous
# flush-wait    no              anonymous
# passive       ports           0.0.0.0/0       32768   65535
# timeout       data            600
# timeout       idle            300

banner          /etc/ftpd/banner.msg
greeting        brief
message         /etc/ftpd/welcome.msg   login
message         .message                cwd=*
readme          README*                 login
readme          README*                 cwd=*
# quota-info    *

chmod           no              anonymous
delete          no              anonymous
overwrite       no              anonymous
rename          no              anonymous
umask           no              anonymous

compress        yes             realusers guestusers anonusers
tar             yes             realusers guestusers anonusers

path-filter     guest,anonymous /etc/ftpd/filename.msg  ^[[:alnum:]._-]*$ ^[.-]

noretrieve      relative        class=anonusers         /
allow-retrieve  relative        class=anonusers         /pub

upload          class=anonusers    *    *         no  nodirs
# upload        class=anonusers    *    /incoming yes ftpadm ftpadm 0440 nodirs

# log           commands        real,guest,anonymous
# log           security        real,guest,anonymous
# log           transfers       real,guest,anonymous    inbound,outbound
# xferlog       format  %T %Xt %R %Xn %XP %Xy %Xf %Xd %Xm %U ftp %Xa %u %Xc %Xs %Xr

# limit-time    anonymous       30
# limit         anonusers       10      Wk0730-1800       /etc/ftpd/toomany.msg
# limit         anonusers       50      SaSu|Any1800-0730 /etc/ftpd/toomany.msg

We tested another user using ftp and itworks
Code:
etc/ftpd # ftp proscltol01c
Connected to pricing01c.
220 pricing01c FTP server ready.
Name (pricing01c:xptol): xptol
331 Password required for xptol.
Password:
230 User xptol logged in.
Remote system type is UNIX.
Using binary mode to transfer files.

# 4  
Have you added this account to /etc/ftpusers by any chance? Confusingly that is a list of users NOT permitted to login with ftp.

Another thought is that the account might be locked. Do you get any output from pam_tally2 ?



Kind regards,
Robin
Login or Register for Dates, Times and to Reply

Previous Thread | Next Thread
Thread Tools Search this Thread
Search this Thread:
Advanced Search

Test Your Knowledge in Computers #284
Difficulty: Easy
AIX (Advanced Interactive eXecutive) is a series of proprietary Unix operating systems developed and sold by Digital Equipment Corporation (DEC) for several of its computer platforms.
True or False?

10 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

lftp script to connect to external sftp site and download to internal ftp and then send email

Hi there, I'm new to shell scripting and need some help if possible? I need to create a shell script (.sh) to run as a cron job on an ubuntu linux server to connect to an external sftp sites directory using credentials (which I have) and then download to our internal ftp server and then copy... (3 Replies)
Discussion started by: ghath
3 Replies

2. UNIX for Dummies Questions & Answers

fake email sender

Hi, I am using the below command to send the email. mailx -s "test from `hostname`" email@gmail.com < attachment.txt id uid=870(wlsuser) gid=641(wlsgrp) I recieve the email as "From: wlsuser@hostname Can I somehow have any string instead of wlsuser, if that grows too complex to... (4 Replies)
Discussion started by: shifahim
4 Replies

3. UNIX for Advanced & Expert Users

Postfix sender problem

Hi All! I have a very annoying problem. I have an openSuSE box, running postfix on it. It is configured, to use gmail to send mails. It is working fine, I accept the messages, but the sender is my gmail account, not the linux box. How can I (if I can) configure postfix to send the mails with... (0 Replies)
Discussion started by: szzed
0 Replies

4. Shell Programming and Scripting

Overwriting sender's information for mailx

Hello Forum members. We currently have a reusable script called "send_email.sh" that is used to send us alerts when our daily jobs are completed. Script uses the mailx utility and below is a sample message: -----Original Message----- From: Servacct ETL process owner - Manager Database... (2 Replies)
Discussion started by: pchang
2 Replies

5. UNIX for Advanced & Expert Users

HL7 MLLP Sender in C

Hi Everyone, This is a pretty big request, but I was wondering if anyone out there has a program written in C, Perl, Tcl or whatever that can be executed from the command line and will send HL7 messages from a NL delimited file and send them to the specifid host/port using the MLLP HL7 TCP... (1 Reply)
Discussion started by: troym72
1 Replies

6. UNIX for Advanced & Expert Users

postfix sender address rewriting

Hi, I have a postfix server that relays to an exchange server. All of my unix/linux systems send to this server, the problem is the form the mail is sent with, the sender address is username@hostname.domain.local I need to rewrite every sender address to unix@maildomain.com for... (0 Replies)
Discussion started by: funksen
0 Replies

7. Shell Programming and Scripting

Sender email address has to changes

I am sending email with attachment using mail and uuencode command. Ex: (echo "$EMAIL_BODY"; uuencode $FILE ATTACH.TXT) || mail "$EMAIL_ID" -s "$EMAIL_SUB" I am getting email from "applmgr@rigelapp01.us.dell.com". I want to change this email address into... (1 Reply)
Discussion started by: balajiora
1 Replies

8. UNIX for Dummies Questions & Answers

Different Sender Address

Hello Following command send link to division managers. echo http://severname:8081/account-reports/2008Jun19-2008Jun25.2/index.html | mail -s "Weekly Division Sales Report" johndoe@companmail.com QUESTION. Above command send a body which is link of division report in email with... (1 Reply)
Discussion started by: paulds
1 Replies

9. UNIX for Advanced & Expert Users

Mail Sender

Hello All, My unix (AIX 5.2) login is robk, my MS Exchange user name is rkapfer. What I want to do is send mail as rkapfer while logged in (to unix) as robk. I'm currently doing uuencode <pdf> <pdf>|mail -s"Subject" <recipient> works fine except the recipient sees me as robk@xyz.com.... (0 Replies)
Discussion started by: rkapfer
0 Replies

10. UNIX for Dummies Questions & Answers

mail without sender's id!

I found a mail which confused me a lot! since it did not contain any information regarding the sender of that mail. Is it possible to do like this? First i thought there was something wrong with the mail server.. but the subject of that mail still confused "nobody". How is it possible? or can I do... (3 Replies)
Discussion started by: sskb
3 Replies