[Beowulf] tftp permission denied

Tom Mitchell mitch48 at sbcglobal.net
Wed Jun 6 14:54:58 PDT 2007


On Sun, Jun 03, 2007 at 02:25:13PM -0400, Mark Hahn wrote:
> Date: Sun, 3 Jun 2007 14:25:13 -0400 (EDT)
> From: Mark Hahn <hahn at mcmaster.ca>
> To: Beowulf Mailing List <beowulf at beowulf.org>
> Subject: Re: [Beowulf] tftp permission denied
> 
> >stop the tftp daemon service, then start it on the command line (as root) 
> >with the following flags:
> >
> >-l -vv -s /path/to/your/tftpdirectory
> 
> yes, definitely.  this sort of problem calls for debugging on the server 
> side
> - verbose server settings is probably enough, but I wouldn't shy away from
> running the server under strace to see what it's really doing...

All the previous and above plus.

Check /etc/xinetd.d/tftp, /etc/hosts.allow, /etc/hosts.deny

Then check the ipfilter and security setting.  TFTP is at a different port
than FTP.  If you are using the GUI Security Level Configuration tool
you will have to enable TFTP under "Other ports".   If ip filtering
is blocking packets into the server 'verbose' flags will have nothing
to be verbose about.   The quick test is to disable filtering and test.

ftp             21/tcp
ftp             21/udp          fsp fspd
tftp            69/tcp
tftp            69/udp
sftp            115/tcp
sftp            115/udp

Both ftp and tftp get used by bad boys out on the Internet 
so watch the ownership, permissions, settings and logs.

Most system admins will want to restrict TFTP access to your local hosts/networks.

For the network programmers interested in historic bugs out there give this a quick read.

   http://en.wikipedia.org/wiki/Sorcerer's_Apprentice_Syndrome

Later,
mitch

-- 
	T o m  M i t c h e l l 
	Found me a new place to hang my hat :-)
	Now it got bought.




More information about the Beowulf mailing list