Re: ftp not allowed as 'root' 5.0.6 new install

From: Lawrence Garvin (lrgarvin_at_nospam.swbell.net)
Date: 01/25/05


Date: Tue, 25 Jan 2005 15:04:49 GMT

I could offer two possible reasons why nobody's encountered this issue
before...

(1) running ftpd on a "low" or "traditional" security machine
(2) never changing the root password since installation

Since both of these would have to occur to encounter the error, and the
combination of the two is probably on the opposite end of the spectrum for
"security best practices", I imagine the likelihood of being encountered is
pretty low.

It's also probably why it slipped past testing and ended up in the Release
Notes as an 'issue'.

Best practices:
(1) if you're running ftpd... you really should consider security higher
than "traditional".
(2) if you're running ftpd... you definitely need to protect the root
account by regularly changing the password.
(3) if you're running ftpd... you really should disable the root account
from access.

..... unless, of course, you're running the server in an isolated network
where a very limited number of people could get access.

Then, you're just one of the few that might get hit by this bug.

Interestingly, it's my suspicion that most systems in that scenario did not
meet the criteria for the second prereq -- "root password was set during
system installation to a string longer than 8 characters" -- which may well
be the one reason these systems didn't suffer. I'm guessing most such
systems have pretty simple root passwords, if any at all.

Anyway.. glad I could help. Was purely luck that I ran across that note. I
was reviewing the Release Notes for another project and had just finished
scanning through the newsgroup looking for notes on v5.0.6 and happened to
read your message.

"scooter" <sullmann@telespectrum.com> wrote in message
news:1106663301.036154.279980@f14g2000cwb.googlegroups.com...
>
> Lawrence Garvin wrote:
>> Scott.... just found this note in the Release Notes for the 506A supplement.
>> Maybe this is the cause?
>>
>> ftpd root password recognition
>> The updated ftpd(ADMN) in Release Supplement 506A differs from the previous
>> release in its handling of certain long passwords. The root password will
>> not be recognized by ftpd if all the following conditions are met:
>>
>>
>> a. a system was installed with the ``low'' or ``traditional'' security
>> defaults,
>>
>> b. its root password was set during system installation to a string
>> longer than 8 characters, and
>>
>> c. the root password has never been changed since installation.
>> To correct this, run passwd(C) as root and enter the same password (or a new
>> one). This rewrites the password entry in a form that is understandable to
>> the new ftpd.
>>
>> _________________________
>> Lawrence Garvin, M.S., MCP
>> Principal/CTO
>> Onsite Technology Solutions
>> http://www.onsitechsolutions.com
>> ICQ#: 38720625
>> MSN Messenger: lawrencegarvin@msn.com
>> _________________________
>>
>>
>> "scooter" <sullmann@telespectrum.com> wrote in message
>> news:1106578829.115843.99930@c13g2000cwb.googlegroups.com...
>> >I have just installed 5.0.6 with all patches applied.
>> >
>> > When testing ftp connection, I get login failed when trying to connect
>> > as 'root'...??
>> >
>> > telnet works fine...just not ftp.......
>> >
>> > I have checked the /etc/ftpusers file and it has no entries in it.
>> >
>> > I have looked in inetd.conf file, and it shows for ftp:
>> >
>> > ftp stream tcp nowait root /etc/ftpd ftpd
>> >
>> >
>> > Security is set to 'traditional'
>> >
>> > What am I missing here?
>> > Scott Ullmann
>> > Telespectrum
>> > sullmann@telespectrum.com
>> >
>
> Lawrence,
>
> Absolutely genius man. That's exactly what it was.
> I re-set the password for root (but didn't change the password)
> and it worked right away.
>
> I'm really surprised no one has run across this yet (at least I have
> seen NO posts to indicate that anyone has)
> Thanks a ton for your help. I really appreciate it.
>
> Scott
>
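
Added example (not part of the original thread, and not SCO's or either poster's code): a small audit for the configuration discussed above, reporting whether ftpd is enabled in inetd.conf while root is absent from the ftpusers deny list. It assumes the inetd.conf line format quoted in the thread and an ftpusers file with one account name per line and '#' comments; the function names and the temporary files are constructed for illustration.

```shell
#!/bin/sh
# Added example: flag hosts where ftpd is enabled and root may log in over FTP.
# Assumed formats: inetd.conf as quoted in the thread; ftpusers lists one
# denied account per line, with '#' starting a comment.

# ftpd_enabled FILE -> exit 0 if an uncommented "ftp stream" service line exists
ftpd_enabled() {
    awk '$1 == "ftp" && $2 == "stream" { found = 1 } END { exit !found }' "$1"
}

# root_denied FILE -> exit 0 if root appears in the deny list
root_denied() {
    [ -r "$1" ] || return 1
    awk '{ sub(/#.*/, "") } $1 == "root" { found = 1 } END { exit !found }' "$1"
}

# audit_ftp_root INETD_CONF FTPUSERS -> prints a verdict, exit 1 on a finding
audit_ftp_root() {
    if ! ftpd_enabled "$1"; then
        echo "OK: ftpd not enabled"
        return 0
    fi
    if root_denied "$2"; then
        echo "OK: ftpd enabled, root denied"
        return 0
    fi
    echo "WARN: ftpd enabled and root not listed in $2"
    return 1
}

# Demo on constructed files (paths are temporary stand-ins for
# /etc/inetd.conf and /etc/ftpusers).
demo=$(mktemp -d)
printf 'ftp stream tcp nowait root /etc/ftpd ftpd\n' > "$demo/inetd.conf"
: > "$demo/ftpusers"                 # empty, as in the original report
audit_ftp_root "$demo/inetd.conf" "$demo/ftpusers" || true
printf '# accounts denied FTP login\nroot\n' > "$demo/ftpusers"
audit_ftp_root "$demo/inetd.conf" "$demo/ftpusers"
rm -rf "$demo"
```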

