SUMMARY: ftp problem

From: Robert Kline (rkline@spock.wcupa.edu)
Date: Fri Mar 01 1996 - 11:44:51 CST


This was the problem I presented:
---------------------------------------------------------------------
Our system allows some users to access ftp and others not to.
It's not an issue of the "shell" being listed in /etc/shells;
all users have the same shell, tcsh.

Here's a sample dialog:

> ftp enterprise
Connected to enterprise.wcupa.edu.
220 enterprise FTP server (UNIX(r) System V Release 4.0) ready.
Name (enterprise:menoches):
331 Password required for menoches.
Password:
530 Login incorrect.
Login failed.
ftp>
ftp> ls
230 User menoches logged in.
530 Login incorrect.
ftp> 200 PORT command successful.

The login reports failure, yet if return and "ls" are typed the
source directories are listed as if it had succeeded.
However, the ftp commands like "get" and "put" do not work.

The weird thing is that it works for some users and not others.
So far I haven't been able to find an obvious distinction. I've looked
through the summaries but couldn't find anything like this.

I'm running Solaris 2.4 with many patches.
I'd appreciate any help, and will post solutions.
---------------------------------------------------------------------

Thanks to the following respondents:

 Reggie Dugard reggie@rentec.com
 Casper Dik casper@holland.Sun.COM
 Tim Pointing tim@ben.dciem.dnd.ca
 Benjamin Cline benji@hnt.com

---------------------------------------
Reggie Dugard reported this:

 "I had a similar problem and it turned out that users were typing more
 than eight characters for their password. login and su only take the
 first eight characters of whatever is typed to compare with the
 password, but it seems that ftp takes everything it's given.

 Apparently your encrypted password is based on only the first
 8 characters of your password. ftp uses all the characters of
 your password for the encryption check."

So the problem can be circumvented by either:

        - changing your password to have only 8 characters
or
        - giving only the first 8 characters to ftp password prompt

There must be a better way to deal with this, but I don't know right now.

==============================================
Robert Kline
Computer Science Department
West Chester University
West Chester, PA 19383
Phone: 610-436-2181
e-mail: rkline@wcupa.edu
==============================================



This archive was generated by hypermail 2.1.2 : Fri Sep 28 2001 - 23:10:54 CDT