Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
telnetd & ftpd not accessible
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
multix
Apprentice
Apprentice


Joined: 28 Nov 2004
Posts: 177
Location: Italy

PostPosted: Mon Jan 21, 2013 8:32 am    Post subject: telnetd & ftpd not accessible Reply with quote

Hi,

I have trouble delivering these old-style non secure services from my laptop. They are convenient, thus I wanto be able to run them at need, when I know I am in a secure intranet.

I have:
Code:

*  net-ftp/netkit-ftpd
      Latest version available: 0.17-r8
      Latest version installed: 0.17-r8
*  net-misc/netkit-telnetd
      Latest version available: 0.17-r10
      Latest version installed: 0.17-r10


This should be really the old-school stuff which always worked. I can access telnet from localhost but not from remote, ftp not even that.

xined.d/ftp looks like:
Code:

service ftp
{
        socket_type             = stream
        protocol                = tcp
        wait                    = no
        user                    = root
        server                  = /usr/bin/ftpd -l
        disable                 = no
}

Which means it is enabled, right? To disable it, disable=yes

while telnet is configured like:
Code:

service telnet
{
        flags           = REUSE
        socket_type     = stream
        wait            = no
        user            = root
        server          = /usr/sbin/in.telnetd
        log_on_failure += USERID
        disable         = no
}


I have no entries for these services in /etc/pam.d though

Any ideas? thanks, riccardo
Riccardo
_________________
Unix is user friendly. It is only careful selecting its friends.
Back to top
View user's profile Send private message
multix
Apprentice
Apprentice


Joined: 28 Nov 2004
Posts: 177
Location: Italy

PostPosted: Tue Jan 22, 2013 5:03 pm    Post subject: Reply with quote

shameless bump :) if it were PAM, shouldn't I find a file installed to modifiy it? If there is no description for pam, does it mean the service is blocked or free? I suppose the latter.
_________________
Unix is user friendly. It is only careful selecting its friends.
Back to top
View user's profile Send private message
limn
l33t
l33t


Joined: 13 May 2005
Posts: 896

PostPosted: Wed Jan 23, 2013 2:18 pm    Post subject: Reply with quote

What message do you get when you try to connect?
Do you have a firewall?
Have you looked in the logs (/var/log/)?
Back to top
View user's profile Send private message
mjoswig
Tux's lil' helper
Tux's lil' helper


Joined: 05 Feb 2003
Posts: 122
Location: Hamburg, Germany

PostPosted: Sat Jun 01, 2013 10:21 am    Post subject: Reply with quote

I had the same problem.
After searching I saw that an update of xinetd changed the config (/etc/xinetd.conf) to allow login only from localhost (Option only_from).
Changing that (and restarting xinet) I could connect from my intranet again. There was no need for a file in /etc/pam.d
Maybe that happened to you too?
Back to top
View user's profile Send private message
666threesixes666
Veteran
Veteran


Joined: 31 May 2011
Posts: 1237
Location: 42.68n 85.41w

PostPosted: Sat Jun 01, 2013 6:08 pm    Post subject: Reply with quote

just my 2 scents....

SFTP in nautilus is REALLY slick, and would kill 2 birds with 1 stone. ssh is well supported, and works out of the box. why go a step backwards in time? i know sshfs does basically the same thing as sftp in nautilus (clearly i didnt explore too far when learning about sftp) in terminal.
_________________
cat /etc/*-release
Funtoo Linux - baselayout 2.2.0
consider this warning no. 1
https://wiki.gentoo.org/index.php?title=Special:Contributions/666threesixes666&offset=&limit=500&target=666threesixes666
Back to top
View user's profile Send private message
mjoswig
Tux's lil' helper
Tux's lil' helper


Joined: 05 Feb 2003
Posts: 122
Location: Hamburg, Germany

PostPosted: Sun Jun 02, 2013 9:00 pm    Post subject: Reply with quote

666threesixes666 wrote:
just my 2 scents....

SFTP in nautilus is REALLY slick, and would kill 2 birds with 1 stone. ssh is well supported, and works out of the box. why go a step backwards in time? i know sshfs does basically the same thing as sftp in nautilus (clearly i didnt explore too far when learning about sftp) in terminal.


You may be right but there may be a cause for telnet: My box is completey remote and whenever there is an update to sshd I need to restart the daemon. I'm glad that I can do this via telnet and be able to do something if sshd doesn't come up again. Happened to me once, so I know what I'm talking about.
Back to top
View user's profile Send private message
Hu
Watchman
Watchman


Joined: 06 Mar 2007
Posts: 8972

PostPosted: Sun Jun 02, 2013 10:06 pm    Post subject: Reply with quote

If I recall correctly, stopping sshd does not close existing ssh tunnels. I would be very uncomfortable with using telnet to a root account on a remote machine.
Back to top
View user's profile Send private message
666threesixes666
Veteran
Veteran


Joined: 31 May 2011
Posts: 1237
Location: 42.68n 85.41w

PostPosted: Mon Jun 03, 2013 12:06 am    Post subject: Reply with quote

i see where your going with this mjoswig.... however i would rely upon phoning a technician @ the remote site over opening security vulnerabilities. i know this isnt an option to most people with remote servers, there should be redundant ssh mechanisms separate but equal for your cases.

internet says mosh, portage has it... ill investigate it. id rather produce a solid viable answer than step back to services that should be deprecated for good.

the only case i can see for telnet is hitting local printers / routers with console cables.



telenets gross, but ill answer the original post as i do see SOME values of leaking your passwords in plain text across the internet (yeah telnets seriously insecure!!!!)

(as root)
Code:

echo "net-misc/utelnetd" >> /etc/portage/package.accept_keywords
emerge -av net-misc/utelnetd


when done, start service at boot, and start service right now

(as root)
Code:

rc-update add utelnetd default
/etc/init.d/utelnetd start


test functionality.....

Code:

telnet localhost


email 6's a beer ;-)

edit: forgot you asked for my FTP knowledges too.....

http://wiki.gentoo.org/wiki/Vsftpd

see precomputed solution ;-)
_________________
cat /etc/*-release
Funtoo Linux - baselayout 2.2.0
consider this warning no. 1
https://wiki.gentoo.org/index.php?title=Special:Contributions/666threesixes666&offset=&limit=500&target=666threesixes666


Last edited by 666threesixes666 on Mon Jun 03, 2013 1:46 am; edited 1 time in total
Back to top
View user's profile Send private message
Ant P.
Advocate
Advocate


Joined: 18 Apr 2009
Posts: 2363
Location: UK

PostPosted: Mon Jun 03, 2013 1:21 am    Post subject: Reply with quote

mjoswig wrote:
You may be right but there may be a cause for telnet: My box is completely remote and whenever there is an update to sshd I need to restart the daemon. I'm glad that I can do this via telnet and be able to do something if sshd doesn't come up again. Happened to me once, so I know what I'm talking about.

Set up a second sshd and restart the first via that.
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum