problem with telnet
killahertz
When I try to telnet to one of my sun servers, this error appears:
# telnet localhost
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
SunOS 5.8
Connection closed by foreign host.
And then I'm returned to the prompt. Any ideas what the problem is?
Thanks in advance,
AG
--
--
|"The physicist's greatest tool is his wastebasket." - Albert Einstein.
|"When did ignorance become a point of view ? - Scott Adams.
|"The collective IQ of a location is inversely proportional to the number of
people gathered."
dav...@yahoo.com
> When I try to telnet to one of my sun servers, this error appears:
> Connection closed by foreign host.
See on the log files what error is logged, otherwise there isn't much to do.
Davide
dave...@spamcop.net
> When I try to telnet to one of my sun servers, this error appears:
> SunOS 5.8
> Connection closed by foreign host.
> And then I'm returned to the prompt. Any ideas what the problem is?
I've had this happen when the system ran out of file descriptors...
from memory, fd_lim_cur and/or fd_lim_max, but a quick google would
find them.
Is the system otherwise behaving? Can you log in directly to the console?
The only other time I saw this was when I helped someone out who had
changed the ownership of /dev to someone other than root (actually
did a chown -R from $VAR/*, without first setting $VAR, as root.)
From that day on, he's been known as chown-boy ;)
So...how's it behaving otherwise? Is it doing what it's supposed to, or
just generally b0rken?
Dave Hinz
Oscar del Rio
>
> # telnet localhost
> Connection closed by foreign host.
>
> And then I'm returned to the prompt. Any ideas what the problem is?
it could be a corrupted or hacked /bin/login
Can you ssh into the server? (sshd does not use /bin/login)
Rev. Don Kool
killahertz wrote:
> Hi All,
>
> When I try to telnet to one of my sun servers, this error appears:
>
> # telnet localhost
> Trying 127.0.0.1...
> Connected to localhost.
> Escape character is '^]'.
>
>
> SunOS 5.8
>
> Connection closed by foreign host.
>
> And then I'm returned to the prompt. Any ideas what the problem is?
Perhaps the system is using TCP Wrappers.
> Thanks in advance,
No problem.
Hope this helps,
Don
--
*************************** You a bounty hunter?
* Rev. Don McDonald, SCSA * Man's gotta earn a living.
* Baltimore, MD * Dying ain't much of a living, boy.
*************************** "Outlaw Josey Wales"
Chris Cox
> Hi All,
>
> When I try to telnet to one of my sun servers, this error appears:
>
> # telnet localhost
> Trying 127.0.0.1...
> Connected to localhost.
> Escape character is '^]'.
>
>
> SunOS 5.8
>
> Connection closed by foreign host.
>
> And then I'm returned to the prompt. Any ideas what the problem is?
>
> Thanks in advance,
> AG
>
Any number of things... the one I'm think of is that
you've got tcpwrappers installed and have not opened
up telnet in the allow file for localhost access.
For example, someone has denied ALL, but not allowed
anything to come in.
But there could be any number of reasons...
Dietrich Kanz
"killahertz" <killa...@world-domination.net> wrote in message
news:aodtkc$lblvc$1...@ID-106172.news.dfncis.de...
I had the same problem yesterday with my Linux box.
The problem was that I didn´t install my telnet server. I think Solaris uses
the in.telnetd too. (look into inetd.conf)
check if in.telnetd is at its place
Maybe that helps
Barry Margolin
Dietrich Kanz <dietri...@mnet-online.de> wrote:
>
>"killahertz" <killa...@world-domination.net> wrote in message
>news:aodtkc$lblvc$1...@ID-106172.news.dfncis.de...
>> Hi All,
>>
>> When I try to telnet to one of my sun servers, this error appears:
>>
>> # telnet localhost
>> Trying 127.0.0.1...
>> Connected to localhost.
>> Escape character is '^]'.
>>
>>
>> SunOS 5.8
>>
>> Connection closed by foreign host.
>I had the same problem yesterday with my Linux box.
>The problem was that I didn´t install my telnet server. I think Solaris uses
>the in.telnetd too. (look into inetd.conf)
>check if in.telnetd is at its place
If he didn't install the telnet server, how would he get the "SunOS 5.8"
greeting message, since that's sent by the telnet server?
--
Barry Margolin, bar...@genuity.net
Genuity, Woburn, MA
*** DON'T SEND TECHNICAL QUESTIONS DIRECTLY TO ME, post them to newsgroups.
Please DON'T copy followups to me -- I'll assume it wasn't posted to the group.
dave...@spamcop.net
> I had the same problem yesterday with my Linux box.
> The problem was that I didn´t install my telnet server. I think Solaris uses
> the in.telnetd too. (look into inetd.conf)
> check if in.telnetd is at its place
Another good point. Maybe the original poster would be so kind as to come
back and give us more information, like when did it last work, if anyone else
has root on the box, how he normally gets in, that sort of thing.
Between us, we could guess for a good long time, but without more information
from the OP, or feedback that he's even here, there's not alot of point to it.
Dave Hinz
Oscar del Rio
> > Trying 127.0.0.1...
> > Connected to localhost.
> > Escape character is '^]'.
> >
> > SunOS 5.8
> >
> > Connection closed by foreign host.
>
> you've got tcpwrappers installed and have not opened
> up telnet in the allow file for localhost access.
If it was a tcpwrappers problem the "SunOS" banner
would not be displayed.
wavelet
#CONSOLE=/dev/console
"killahertz" <killa...@world-domination.net> wrote in message
news:aodtkc$lblvc$1...@ID-106172.news.dfncis.de...
Andreas Fenner
>
> check /dev/default/login to make sure that
> #CONSOLE=/dev/console
>
Das hat damit NIX zu tun!
Egal was da drin steht - der login prompt müßte kommen.
--
Dipl. Ing. Andreas Fenner, mailto:Andreas...@alcatel.de
Alcatel SEL AG, TS/EE, Holderäckerstr.10, 70499 Stuttgart, 0711/821-49823
-------------------------------------------------------------------------
Linux is like a Wigwam: no Windows, no Gates, Apache inside
dave...@spamcop.net
> wavelet wrote:
>>
>> check /dev/default/login to make sure that
>> #CONSOLE=/dev/console
>>
> Das hat damit NIX zu tun!
> Egal was da drin steht - der login prompt müßte kommen.
Exactly; that's one reason the original poster has to come back and
clarify and/or answer some of the clarifying questions if there's
any hope to get a good answer.
The fact that he's getting the SunOS 5.8 identifier does show that
telnet is responding on port 23, inetd is firing it up, and so on.
Without knowing if this is new behavior which worked previously, or
any of the other questions, ...
Dave Hinz
Andreas Fenner
>
> wavelet wrote:
> >
> > check /dev/default/login to make sure that
> > #CONSOLE=/dev/console
> >
>
> Das hat damit NIX zu tun!
> Egal was da drin steht - der login prompt müßte kommen.
Oops - sorry, english newsgroup :-)
It does not matter to what CONSOLE is set in this file.
In each case there should be a login prompt!
Andreas
Casper H.S. Dik
>In comp.unix.admin killahertz <killa...@world-domination.net> wrote:
>> Hi All,
>> When I try to telnet to one of my sun servers, this error appears:
>> SunOS 5.8
>> Connection closed by foreign host.
>> And then I'm returned to the prompt. Any ideas what the problem is?
>I've had this happen when the system ran out of file descriptors...
>from memory, fd_lim_cur and/or fd_lim_max, but a quick google would
>find them.
The system will not run out of file decriptors; the limits you mention
are per-process; there are no system wide limits.
The immediate closure can point to:
- missing/damaged in.telnetd
- TCP wrappers refusing connection
Also, there are a few "installable backdoors" out there that have not
been properly debugged that can cause all sorts of funny symptoms.
Casper
--
Expressed in this posting are my opinions. They are in no way related
to opinions held by my employer, Sun Microsystems.
Statements on Sun products included here are not gospel and may
be fiction rather than truth.
Dietrich Kanz
"Barry Margolin" <bar...@genuity.net> wrote in message
news:vHEq9.17$nR1....@paloalto-snr1.gtei.net...
> In article <aof4cf$e73$1...@svr8.m-online.net>,
> Dietrich Kanz <dietri...@mnet-online.de> wrote:
> >
> >"killahertz" <killa...@world-domination.net> wrote in message
> >news:aodtkc$lblvc$1...@ID-106172.news.dfncis.de...
> >> Hi All,
> >>
> >> When I try to telnet to one of my sun servers, this error appears:
> >>
> >> # telnet localhost
> >> Trying 127.0.0.1...
> >> Connected to localhost.
> >> Escape character is '^]'.
> >>
> >>
> >> SunOS 5.8
> >>
> >> Connection closed by foreign host.
> ...
> >I had the same problem yesterday with my Linux box.
> >The problem was that I didn´t install my telnet server. I think Solaris
uses
> >the in.telnetd too. (look into inetd.conf)
> >check if in.telnetd is at its place
>
> If he didn't install the telnet server, how would he get the "SunOS 5.8"
> greeting message, since that's sent by the telnet server?
Well try it. I got the greeting message too!!! And then it threw me out.
After I installed the telnet server it worked.
But as I said, that was a Linux box and not Solaris.
dave...@spamcop.net
> "Barry Margolin" <bar...@genuity.net> wrote in message
> news:vHEq9.17$nR1....@paloalto-snr1.gtei.net...
>>
>> If he didn't install the telnet server, how would he get the "SunOS 5.8"
>> greeting message, since that's sent by the telnet server?
> Well try it. I got the greeting message too!!! And then it threw me out.
> After I installed the telnet server it worked.
Hm, so inetd is popping up that message? That's ... unexpected...
I believe you; don't get me wrong, but I'm surprised.
> But as I said, that was a Linux box and not Solaris.
Cool. Didn't know that. Something to add to my "things to understand"
list.
Dave
Dietrich Kanz
<dave...@spamcop.net> wrote in message
news:aohko7$mikiu$5...@ID-134476.news.dfncis.de...
Seems so,
but Linux is a bit more descriptive here. Thats the complete message:
voodoo# telnet localhost
Trying ::1...
telnet: connect to address ::1: Connection refused
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
Connection closed by foreign host
When /usr/sbin/in.telnetd is at its place it works.
Barry Margolin
I don't see a system greeting message in that output. The "Connected to"
message means that inetd is listening on the port. The "SunOS 5.8" message
on Solaris comes *later* than that, and it's produced by in.telnetd after
inetd successfully starts it.
If the connection closes after that message, it means that some resource
that in.telnetd needs is exhausted; perhaps it has run out of ptys (except
I thought that it prints a more descriptive message in that case).
dave...@spamcop.net
> In article <aohl6j$c8t$1...@svr8.m-online.net>,
> If the connection closes after that message, it means that some resource
> that in.telnetd needs is exhausted; perhaps it has run out of ptys (except
> I thought that it prints a more descriptive message in that case).
I don't recall about that, and I'm not keen on reproducing it for
this, but I know that if it can't spawn any more processes, it'll just
fail as the OP described. BTDT.
Dave
Joel Atkin
problem had to do with a bunch of resources (I forget which ones) getting
maxed out. I believe there were *many* zombies on the box... but it was a
while back and my memory is gone. Also, we had about 15 users concurently
pounding on the box each day.
A reboot of the box solved the problem.
Anyway... if you are getting the greeting message, this indicates that the
Login shell is starting up. I believe Telnet isn't the issue, rather it has
something to do with login.
peace,
Joel
Barry Margolin
Joel Atkin <jat...@naturaldata.com> wrote:
>Anyway... if you are getting the greeting message, this indicates that the
>Login shell is starting up. I believe Telnet isn't the issue, rather it has
>something to do with login.
I don't think you really mean "login shell" -- that's the shell process
that runs *after* you login. So I think you mean the login process.
But if the login process were starting up, he'd be getting the "login:"
prompt, which he didn't get. He's just getting the "SunOS 5.8" greeting
message, which I think is sent by in.telnetd before it runs "login".
Rev. Don Kool
Dietrich Kanz wrote:
> "Barry Margolin" <bar...@genuity.net> wrote...
>>Dietrich Kanz <dietri...@mnet-online.de> wrote:
>>>"killahertz" <killa...@world-domination.net> wrote...
>>>
>>>>Hi All,
>>>>
>>>>When I try to telnet to one of my sun servers, this error appears:
>>>>
>>>># telnet localhost
>>>>Trying 127.0.0.1...
>>>>Connected to localhost.
>>>>Escape character is '^]'.
>>>>
>>>>
>>>>SunOS 5.8
>>>>
>>>>Connection closed by foreign host.
>>>
>>...
>>
>>>I had the same problem yesterday with my Linux box.
>>>The problem was that I didn´t install my telnet server. I think Solaris
>>
> uses
>
>>>the in.telnetd too. (look into inetd.conf)
>>>check if in.telnetd is at its place
>>
>>If he didn't install the telnet server, how would he get the "SunOS 5.8"
>>greeting message, since that's sent by the telnet server?
>
>
> Well try it. I got the greeting message too!!! And then it threw me out.
> After I installed the telnet server it worked.
> But as I said, that was a Linux box and not Solaris.
So you haven't tried it on a UNIX system.
Dan
"killahertz" <killa...@world-domination.net> wrote in message
news:aodtkc$lblvc$1...@ID-106172.news.dfncis.de...
>
> When I try to telnet to one of my sun servers, this error appears:
>
> # telnet localhost
> Trying 127.0.0.1...
> Connected to localhost.
> Escape character is '^]'.
>
>
> SunOS 5.8
>
> Connection closed by foreign host.
>
> And then I'm returned to the prompt. Any ideas what the problem is?
>
> Thanks in advance,
> AG
>
telneting to loopback IP address?
Andreas Fenner
> But if the login process were starting up, he'd be getting the "login:"
> prompt, which he didn't get. He's just getting the "SunOS 5.8" greeting
> message, which I think is sent by in.telnetd before it runs "login".
correct! The banner is displayed by the in.telnetd.
Here is a part of th manpage:
> The banner printed by in.telnetd is configurable. The
> default is (more or less) equivalent to "`uname -sr`" and
> will be used if no banner is set in /etc/default/telnetd.
> To set the banner, add a line of the form
>
> BANNER="..."
>
> to /etc/default/telnetd. Nonempty banner strings are fed to
> shells for evaluation. The default banner may be obtained by
>
> BANNER="\\r\\n\\r\\n`uname -s` `uname -r`\\r\\n\\r\\n"
>
> and no banner will be printed if /etc/default/telnetd con-
> tains
>
> BANNER=""
Barry Margolin
It's as good a test as any other address, isn't it? And it minimizes the
number of variables needed to troubleshoot the problem.
Philip Brown
>>This is probably my ignorance showing, but is there a reason you are
>>telneting to loopback IP address?
>
>It's as good a test as any other address, isn't it? And it minimizes the
>number of variables needed to troubleshoot the problem.
no, it doenst. it increases the number of variables by at least 2.
1. You are using an entirely different mechanism to connect.
lo device is *very* differnt from eri/hme/whatever
2. you are using a different 'IP' address, both as a destination, and
as a source.
Which will screw things up if, for example, you have TCP wrappers
enabled and configured to allow connects from 10.x.x.x, but someone
forgot to also allow from 'localhost', aka 127.0.0.01
which is probably part of your problem.
Remember that in solaris9, tcpwrappers comes integrated with inetd
as shipped.
--
[Trim the no-bots from my address to reply to me by email!]
[ Do NOT email-CC me on posts. Pick one or the other.]
S.1618 http://thomas.loc.gov/cgi-bin/bdquery/z?d105:SN01618:@@@D
http://www.spamlaws.com/state/ca1.html
Philip Brown
>...
>Remember that in solaris9, tcpwrappers comes integrated with inetd
>as shipped.
okay, okay, you're not using solaris 9.
but it's still good to remember ;-)
Barry Margolin
Philip Brown <phi...@bolthole.no-bots.com> wrote:
>On Wed, 16 Oct 2002 15:25:24 GMT, bar...@genuity.net wrote:
>>>This is probably my ignorance showing, but is there a reason you are
>>>telneting to loopback IP address?
>>
>>It's as good a test as any other address, isn't it? And it minimizes the
>>number of variables needed to troubleshoot the problem.
>
>no, it doenst. it increases the number of variables by at least 2.
>1. You are using an entirely different mechanism to connect.
> lo device is *very* differnt from eri/hme/whatever
>
>2. you are using a different 'IP' address, both as a destination, and
> as a source.
> Which will screw things up if, for example, you have TCP wrappers
> enabled and configured to allow connects from 10.x.x.x, but someone
> forgot to also allow from 'localhost', aka 127.0.0.01
>
> which is probably part of your problem.
But if it fails from multiple sources, none of these differences are likely
to be relevant, and it's easier to test using localhost.
Rev. Don Kool
Philip Brown wrote:
> bar...@genuity.net wrote:
>>>This is probably my ignorance showing, but is there a reason you are
>>>telneting to loopback IP address?
>>It's as good a test as any other address, isn't it? And it minimizes the
>>number of variables needed to troubleshoot the problem.
> no, it doenst. it increases the number of variables by at least 2.
> 1. You are using an entirely different mechanism to connect.
> lo device is *very* differnt from eri/hme/whatever
>
> 2. you are using a different 'IP' address, both as a destination, and
> as a source.
> Which will screw things up if, for example, you have TCP wrappers
> enabled and configured to allow connects from 10.x.x.x, but someone
> forgot to also allow from 'localhost', aka 127.0.0.01
>
> which is probably part of your problem.
You really are making a public ass of yourself, Philly. Using TELNET
to the loopback is the easiest way to eliminate network problems from
the situation. If you can't connect via TELNET to "localhost", you sure
as shit aren't going to connect from anywhere else.
> Remember that in solaris9, tcpwrappers comes integrated with inetd
> as shipped.
No, it doesn't, my misguided young friend.
# uname -a
SunOS <hostname> 5.9 Generic_112233-02 sun4u sparc SUNW,Sun-Blade-100
# grep telnet /etc/inetd.conf
# ftp telnet shell login exec tftp finger printer
# TELNETD - telnet server daemon
telnet stream tcp6 nowait root /usr/sbin/in.telnetd in.telnetd
Happy to have cleared things up for you,
Greg Andrews
>On Wed, 16 Oct 2002 15:25:24 GMT, bar...@genuity.net wrote:
>>>This is probably my ignorance showing, but is there a reason you are
>>>telneting to loopback IP address?
>>
>>It's as good a test as any other address, isn't it? And it minimizes the
>>number of variables needed to troubleshoot the problem.
>
>no, it doenst. it increases the number of variables by at least 2.
>1. You are using an entirely different mechanism to connect.
>
Which is often just what the technician ordered. A telnet connection
that fails to the local address but works to the loopback narrows
the troubleshooters focus to the parts of the mechanism that are
different from the loopback.
As with all tools, there are situations where it's exactly the right
thing to do, situations where it's less useful, and situations where
it doesn't help at all.
-Greg
--
Do NOT reply via e-mail.
Reply in the newsgroup.