Cannot connect to ftpd (6.2.1B)

I’m having problems connecting to an ftpd server
running a vanilla PC embedded system. Any suggestions would
be greatly appreciated.

Op Sys: Neutrino 6.2.1B

I cannot log into the FTP server from a Windows command window.
I get:

Connected to
220 FTP server ready.
User ( root
331 Password required for root.
530 User root may not use FTP.
Login failed.

If I intentionally enter an incorrect password I get:

Connected to
220 FTP server ready.
User ( root
331 Password required for root.
530 Login incorrect.
Login failed.

Ping works OK. Inetd is running. It’s not a hardware problem
because I can connect using a old bootfile built with 6.1.

The contents of the mkifs buildfile and other relevant
files are listed below.

-Steve Musko, Space Physics Research Laboratory

-Thanks in advance for any suggestions.

mkifs buildfile:

[virtual=x86,bios +compress] .bootstrap = {
PATH=/proc/boot LD_LIBRARY_PATH=/proc/boot:/usr/lib procnto

[+script] .script = {

pci-bios & # Start PCI BIOS, scan PCI bus
waitfor /dev/pci # Wait until PCI BIOS is up

devc-con -n2 & # Create two virtual consoles
waitfor /dev/con1 # Wait until console 1 exists
reopen /dev/con1 # Open stdin, stdout and stderr directed to con1

pipe & # Start the pipe manager
waitfor /dev/pipe

io-net -v -d el900 verbose -p tcpip & # Start net driver and TCPIP for 3COM PCI card
if_up -p en0 # Wait until net driver up, but not configured
waitfor /dev/socket # Wait until net driver is up

ifconfig en0 netmask # Set our IP addr and mask
if_up en0 # Wait until net i/f up and configured
route add default # Set the default gateway
if_up en0 # Wait until net i/f up and configured

devc-pty -n 16 & # Start pseudo terminals for Telnet

devb-eide &
waitfor /dev/hd0t77
mount -t qnx4 /dev/hd0t77 /hdisk
waitfor /hdisk

Start the USB host controller

Force the thread priority to 33 with FIFO scheduling

[pri=33f] devu-uhci

Start the floppy disk driver

devb-fdc blk cache=128k &

Start shells on both virtual consoles

reopen /dev/con2 # Open stdin, stdout and stderr directed to con2
[+session] TERM=qansi ksh & # Start the shell on con2
reopen /dev/con1 # Open stdin, stdout and stderr directed to con1
[+session] TERM=qansi ksh & # Start the shell on con1

inetd & # Start internet super-server (invokes ftpd et. al.)

display_msg “QNX initialization is complete”

Set default attributes

[type=file] # it’s a file unless otherwise specified
[uid=0] # user is root
[perms=+x+r] # all files executable and readable

[code=uip] # use executable code in place (do not copy)
[data=copy] # unique copy of data for each code instance
[-optional] # bomb out of mkifs if a file is not found

Create some symbolic links so files that

are expected in standard directories can be

found in the boot image directories.

[type=link] /usr/lib/
[type=link] /tmp=/dev/shmem
[type=link] /bin=/proc/boot
[type=link] /usr/sbin=/proc/boot
[type=link] sh=/proc/boot/ksh

Copy all the shared objects (code libraries)

to /proc/boot


pci # for 3COM PCI net card

/etc/shells (unmodified distribution file)

List of available shells


/etc/inetd.conf (unmodified distribution file)

@(#)inetd.conf 1.23 90/01/03 SMI

Configuration file for inetd.

To re-configure the running inetd process, edit this file, then

send the inetd process a SIGHUP.

Internet services syntax:

<service_name> <socket_type> <server_pathname>

Time service is used for clock syncronization.

#time stream tcp nowait root internal
#time dgram udp wait root internal

Ftp and telnet are standard Internet services.

ftp stream tcp nowait root /usr/sbin/ftpd in.ftpd -l
telnet stream tcp nowait root /usr/sbin/telnetd in.telnetd

Shell, login, exec are BSD protocols.

#shell stream tcp nowait root /usr/sbin/rshd in.rshd
#login stream tcp nowait root /usr/sbin/rlogind in.rlogind
#exec stream tcp nowait root /usr/sbin/rexecd in.rexecd

Tftp service is provided primarily for booting. Most sites run this

only on machines acting as “boot servers”.

#tftp dgram udp wait root /usr/sbin/tftpd in.tftpd

Systat and netstat give out user information which man be

valuable to potential “system crackers.” Many sites choose to disable

some or all of these services to improve security.

#systat stream tcp nowait root /bin/ps ps -auwwx
#netstat stream tcp nowait root /usr/bin/netstat netstat -f inet

IPv6 services.

The only difference with the above is “tcp6” instead of “tcp”.

Be sure to enable both “tcp” and “tcp6” when you need service for

both IPv4/v6.

#ftp stream tcp6 nowait root /usr/sbin/ftpd ftpd -ll
telnet stream tcp6 nowait root /usr/sbin/telnetd telnetd
#shell stream tcp6 nowait root /usr/sbin/rshd rshd -L
#login stream tcp6 nowait root /usr/sbin/rlogind rlogind -L
#tftp dgram udp6 wait root /usr/sbin/tftpd tftpd -l -s /tftpboot

Neutrino specific services

#pidin stream tcp nowait root /bin/pidin pidin
#pidinmem stream tcp nowait root /bin/pidin pidin mem
#pidinarg stream tcp nowait root /bin/pidin pidin arg
#pidinenv stream tcp nowait root /bin/pidin pidin env
#pidinsig stream tcp nowait root /bin/pidin pidin sig
#phrelay stream tcp nowait root /usr/bin/phrelay phrelay -x

Echo, discard, daytime, and chargen are used primarily for testing.

#echo stream tcp nowait root internal
#echo dgram udp wait root internal
discard stream tcp nowait root internal
discard dgram udp wait root internal
#daytime stream tcp nowait root internal
#daytime dgram udp wait root internal
#chargen stream tcp nowait root internal
#chargen dgram udp wait root internal

/etc/services (unmodified distribution file)

Network services, Internet style

@(#)services 5.8 (Berkeley) 5/9/91

echo 7/tcp
echo 7/udp
discard 9/tcp sink null
discard 9/udp sink null
systat 11/tcp users
daytime 13/tcp
daytime 13/udp
netstat 15/tcp
qotd 17/tcp quote
chargen 19/tcp ttytst source
chargen 19/udp ttytst source
ftp 21/tcp
telnet 23/tcp
smtp 25/tcp mail
time 37/tcp timserver
time 37/udp timserver
rlp 39/udp resource # resource location
nameserver 42/tcp name # IEN 116
whois 43/tcp nicname
domain 53/tcp nameserver # name-domain server
domain 53/udp nameserver
mtp 57/tcp # deprecated

Bootp experimental (sellgren@vangogh)

bootp 67/udp bootps # bootp server
bootpc 68/udp # bootp client

tftp 69/udp
rje 77/tcp netrjs
finger 79/tcp
link 87/tcp ttylink
supdup 95/tcp
hostnames 101/tcp hostname # usually from sri-nic
tsap 102/tcp # part of ISODE.
#csnet-cs 105/?
pop 109/tcp postoffice
pop3 110/tcp
sunrpc 111/tcp
sunrpc 111/udp
auth 113/tcp authentication
sftp 115/tcp
uucp-path 117/tcp
nntp 119/tcp readnews # Network News Transfer Protocol
ntp 123/udp # Network Time Protocol
snmp 161/udp
snmp-trap 162/udp

UNIX specific services

exec 512/tcp
biff 512/udp comsat
login 513/tcp
who 513/udp whod
shell 514/tcp cmd # no passwords used
syslog 514/udp
printer 515/tcp spooler # line printer spooler
talk 517/udp
ntalk 518/udp
route 520/udp router routed
timed 525/udp timeserver
tempo 526/tcp newdate
courier 530/tcp rpc
conference 531/tcp chat
netnews 532/tcp readnews
netwall 533/udp # -for emergency broadcasts
uucp 540/tcp uucpd # uucp daemon
remotefs 556/tcp rfs_server rfs # Brunhoff remote filesystem

ingreslock 1524/tcp

Neutrino specific services

pidin 557/tcp nto_pid_info # Neutrino system information
pidinmem 558/tcp
pidinarg 559/tcp
pidinenv 560/tcp
pidinsig 561/tcp

Kerberos (Project Athena/MIT) services

kerberos 750/udp kdc # Kerberos (server) udp
kerberos 750/tcp kdc # Kerberos (server) tcp
krbupdate 760/tcp kreg # Kerberos registration
kpasswd 761/tcp kpwd # Kerberos “passwd”
klogin 543/tcp # Kerberos rlogin
eklogin 2105/tcp # Kerberos encrypted rlogin
kshell 544/tcp krcmd # Kerberos remote shell

tcpmux 1/tcp # rfc-1078
message 18/tcp
message 18/udp
ftp-data 20/tcp
fsp 21/udp fspd
ssh 22/udp
ssh 22/tcp
gopher 70/tcp
http 80/tcp www
hostnames 101/tcp hostname # usually to sri-nic
x400 103/tcp # ISO Mail
x400-snd 104/tcp
sunrpc 111/tcp portmap
sunrpc 111/udp portmap
ntp 123/tcp # Network Time Protocol
netbios-ns 137/udp # NETBIOS Name Server
netbios-dgm 138/udp # NETBIOS Datagram Service
netbios-ssn 139/udp # NETBIOS Session Service
netbios-ssn 139/tcp
NeWS 144/tcp news # Window System
snmp 161/udp # network management
dirsrv 1525/udp
nfsd 2049/tcp
nfsd 2049/udp
webster 2627/tcp
infleet 5999/tcp
xserver 6000/tcp
irc 6667/tcp
phrelay 4868/tcp
phrelaydbg 4869/tcp
phindemo 4870/tcp
socks 1080/tcp
timesrv 22375/tcp # time server process - RES
althttp 25080/tcp # alternate www port
dir_svc 33333/tcp

ftpusers (unmodified distribution file)

list of users disallowed any ftp access.

read by ftpd(8).

ftpd.conf (unmodified distribution file)

checkportcmd all
classtype chroot CHROOT
classtype guest GUEST
classtype real REAL
display none
limit all -1 # unlimited connections
maxtimeout all 7200 # 2 hours
modify all
motd all motd
notify none
passive all
timeout all 900 # 15 minutes
umask all 027
upload all
modify guest off
umask guest 0707


bin:x:1:1:Binaries Commands and Source:/bin:
daemon:x:2:2:System Services:/daemon:
mail:x:8:40:User Mail:/var/spool/mail:
news:x:9:50:Network News:/var/spool/news:
uucp:x:12:60:Network News:/var/spool/news:
ftp:x:14:80:FTP User:/home/ftp:

FTP servers disallowing root access is not uncommon, have you tried it with a different user?

I’ll give it a try. Maybe QNX tightened up FTP security between
6.1 and 6.2.1B. Thanks for the suggestion.

ftpd uses /etc/ftpusers which contains list of users disallowed from access. User root is listed there by default in 6.2.1B

I modified the /etc/ftpusers file. It contains only the
two lines below. I still can’t log in as root or any other user.
Maybe I should remove everything from /etc/ftpusers.

list of users disallowed any ftp access.

read by ftpd(8).

Have you checked everything listed in the “User authorization” section in the docs for ftpd?

Problem Solved !!!

I found the source of the problem. My passwd
file contained CR,LF end-of-lines. The lines
must have CR-only end-of-lines. The same is
true for inetd.conf. Inetd will fail silently
if inetd.conf contains CRLF eols. This could also
be true for other config files.

Inetd, ftpd and telnetd now work fine.

Thanks for your help.


Close… Actually it is LF only, not CR only. QNX like all *nixes uses LF as a line terminator.

Stop editing your files in windows!


Thanks for the correction.