2005年11月30日 星期三

如何啟動 gssftp ?

透過 ntsysv 啟動 RedHat AS4 的 gssftp 後,試著 ftp 到本機,會發生連敲密碼的機會都沒有,就得到以下訊息:


[root@mozart]# ftp -i localhost
Connected to localhost.localdomain.
220 mozart FTP server (Version 5.60) ready.
334 Using authentication type GSSAPI; ADAT must follow
GSSAPI accepted as authentication type
GSSAPI error major: Miscellaneous failure
GSSAPI error minor: No credentials cache found
GSSAPI error: initializing context
GSSAPI authentication failed
334 Using authentication type KERBEROS_V4; ADAT must follow
KERBEROS_V4 accepted as authentication type
Kerberos V4 krb_mk_req failed: You have no tickets cached
Name (localhost:root):
530 Must perform authentication before identifying USER.
Login failed.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp>

一個迅速解決這個問題的方法是,修改 /etc/xinetd.d/gssftp,把 server_args 後面的 -a 移除,只留下 -l
# default: off
# description: The kerberized FTP server accepts FTP connections \
# that can be authenticated with Kerberos 5.
service ftp
{
disable = no
flags = REUSE
socket_type = stream
wait = no
user = root
server = /usr/kerberos/sbin/ftpd
server_args = -l
log_on_failure += USERID
}

接著記得在 /etc/vsftpd/vsftpd.conf 檔案結尾加入下面這行,否則 ftp 介面中秀出來的時間會差 8 個鐘頭。
use_localtime=YES

再讓 xinetd 重讀一次設定檔,就搞定了。
[root@mozart ~]# /etc/rc.d/init.d/xinetd reload
Reloading configuration: [ OK ]

沒有留言:

張貼留言