View previous topic :: View next topic |
Author |
Message |
multix Apprentice
Joined: 28 Nov 2004 Posts: 240 Location: Italy
|
Posted: Mon Jan 21, 2013 8:32 am Post subject: telnetd & ftpd not accessible |
|
|
Hi,
I have trouble delivering these old-style non secure services from my laptop. They are convenient, thus I wanto be able to run them at need, when I know I am in a secure intranet.
I have:
Code: |
* net-ftp/netkit-ftpd
Latest version available: 0.17-r8
Latest version installed: 0.17-r8
* net-misc/netkit-telnetd
Latest version available: 0.17-r10
Latest version installed: 0.17-r10
|
This should be really the old-school stuff which always worked. I can access telnet from localhost but not from remote, ftp not even that.
xined.d/ftp looks like:
Code: |
service ftp
{
socket_type = stream
protocol = tcp
wait = no
user = root
server = /usr/bin/ftpd -l
disable = no
}
|
Which means it is enabled, right? To disable it, disable=yes
while telnet is configured like:
Code: |
service telnet
{
flags = REUSE
socket_type = stream
wait = no
user = root
server = /usr/sbin/in.telnetd
log_on_failure += USERID
disable = no
}
|
I have no entries for these services in /etc/pam.d though
Any ideas? thanks, riccardo
Riccardo _________________ Unix is user friendly. It is only careful selecting its friends. |
|
Back to top |
|
|
multix Apprentice
Joined: 28 Nov 2004 Posts: 240 Location: Italy
|
Posted: Tue Jan 22, 2013 5:03 pm Post subject: |
|
|
shameless bump if it were PAM, shouldn't I find a file installed to modifiy it? If there is no description for pam, does it mean the service is blocked or free? I suppose the latter. _________________ Unix is user friendly. It is only careful selecting its friends. |
|
Back to top |
|
|
limn l33t
Joined: 13 May 2005 Posts: 997
|
Posted: Wed Jan 23, 2013 2:18 pm Post subject: |
|
|
What message do you get when you try to connect?
Do you have a firewall?
Have you looked in the logs (/var/log/)? |
|
Back to top |
|
|
mjoswig Tux's lil' helper
Joined: 05 Feb 2003 Posts: 122 Location: Hamburg, Germany
|
Posted: Sat Jun 01, 2013 10:21 am Post subject: |
|
|
I had the same problem.
After searching I saw that an update of xinetd changed the config (/etc/xinetd.conf) to allow login only from localhost (Option only_from).
Changing that (and restarting xinet) I could connect from my intranet again. There was no need for a file in /etc/pam.d
Maybe that happened to you too? |
|
Back to top |
|
|
666threesixes666 Veteran
Joined: 31 May 2011 Posts: 1248 Location: 42.68n 85.41w
|
Posted: Sat Jun 01, 2013 6:08 pm Post subject: |
|
|
just my 2 scents....
SFTP in nautilus is REALLY slick, and would kill 2 birds with 1 stone. ssh is well supported, and works out of the box. why go a step backwards in time? i know sshfs does basically the same thing as sftp in nautilus (clearly i didnt explore too far when learning about sftp) in terminal. |
|
Back to top |
|
|
mjoswig Tux's lil' helper
Joined: 05 Feb 2003 Posts: 122 Location: Hamburg, Germany
|
Posted: Sun Jun 02, 2013 9:00 pm Post subject: |
|
|
666threesixes666 wrote: | just my 2 scents....
SFTP in nautilus is REALLY slick, and would kill 2 birds with 1 stone. ssh is well supported, and works out of the box. why go a step backwards in time? i know sshfs does basically the same thing as sftp in nautilus (clearly i didnt explore too far when learning about sftp) in terminal. |
You may be right but there may be a cause for telnet: My box is completey remote and whenever there is an update to sshd I need to restart the daemon. I'm glad that I can do this via telnet and be able to do something if sshd doesn't come up again. Happened to me once, so I know what I'm talking about. |
|
Back to top |
|
|
Hu Moderator
Joined: 06 Mar 2007 Posts: 21624
|
Posted: Sun Jun 02, 2013 10:06 pm Post subject: |
|
|
If I recall correctly, stopping sshd does not close existing ssh tunnels. I would be very uncomfortable with using telnet to a root account on a remote machine. |
|
Back to top |
|
|
666threesixes666 Veteran
Joined: 31 May 2011 Posts: 1248 Location: 42.68n 85.41w
|
Posted: Mon Jun 03, 2013 12:06 am Post subject: |
|
|
i see where your going with this mjoswig.... however i would rely upon phoning a technician @ the remote site over opening security vulnerabilities. i know this isnt an option to most people with remote servers, there should be redundant ssh mechanisms separate but equal for your cases.
internet says mosh, portage has it... ill investigate it. id rather produce a solid viable answer than step back to services that should be deprecated for good.
the only case i can see for telnet is hitting local printers / routers with console cables.
telenets gross, but ill answer the original post as i do see SOME values of leaking your passwords in plain text across the internet (yeah telnets seriously insecure!!!!)
(as root)
Code: |
echo "net-misc/utelnetd" >> /etc/portage/package.accept_keywords
emerge -av net-misc/utelnetd
|
when done, start service at boot, and start service right now
(as root)
Code: |
rc-update add utelnetd default
/etc/init.d/utelnetd start
|
test functionality.....
email 6's a beer
edit: forgot you asked for my FTP knowledges too.....
http://wiki.gentoo.org/wiki/Vsftpd
see precomputed solution
Last edited by 666threesixes666 on Mon Jun 03, 2013 1:46 am; edited 1 time in total |
|
Back to top |
|
|
Ant P. Watchman
Joined: 18 Apr 2009 Posts: 6920
|
Posted: Mon Jun 03, 2013 1:21 am Post subject: |
|
|
mjoswig wrote: | You may be right but there may be a cause for telnet: My box is completely remote and whenever there is an update to sshd I need to restart the daemon. I'm glad that I can do this via telnet and be able to do something if sshd doesn't come up again. Happened to me once, so I know what I'm talking about. |
Set up a second sshd and restart the first via that. |
|
Back to top |
|
|
|