Solved Daemons reject logins after upgrade to 12.0

S

Speedy

I did upgrade from 11.2, usual way (make buildworld, etc). Now only SSH works. All other daemons reject logins, ftpd, ipop3d, imapd.
For instance, here is what I get with attempted ftp login.
Code: 
500 AUTH SSL: command not understood.
500 AUTH TLS: command not understood.
SSL not available
What am I missing now?
 
Did the upgrade show any errors? The text "SSL not available" speaks for some problem with an SSL library.
Search in your /var/log/messages or in dmesg to see if there is something weird going on.

Another idea: Did you build your ftpd, ipop3d and imapd from ports?
Maybe you configured the ports without SSL after the upgrade. So you can rebuild the ports and choose SSL support in the build configuration.
 
Thanks for replies. I did portupgrade -af, this should have taken care of it? Besides, ftpd is part of the system, isn't it? I used mergemaster -iU, though. Perhaps it screwed up something for me? There is nothing interesting in /var/log/messages.
 
Speedy said:
Besides, ftpd is part of the system, isn't it?
Click to expand...
As far as I know the base ftpd(8) doesn't support SSL/TLS. So it's probably one of the dozen or so packages you can pick from. Note that sftp(1) is FTP over SSH. This is different from FTPS, which is FTP over SSL/TLS.
 
OK, but the base ftpd was working before. My security cameras uploaded happily over FTP. Now they all fail. Something has been changed. And imapd and pop3d were rebuilt, still fail. Makes me think there is something wrong system-wide. Just can't figure out what.
 
If you have a ZFS snapshot from before the upgrade (I highly recommend snapshotting before during and after an upgrade), you can use zfs diff to compare what has changed in /etc.
 
Speedy said:
OK, but the base ftpd was working before. My security cameras uploaded happily over FTP.
Click to expand...
It's trying to do SSL/TLS authentication. Which never worked before on ftpd(8). So it's probably a setting on the camera that has been changed too. Either that or you used one of the more advanced FTP servers you installed as package/port. And accidentally switched back to the base ftpd(8).
 
Thanks for everyone. Problem solved. The upgrade from 11.2 somehow corrupted /etc/passwd during merge. All good now. There is still message about SSL/TLS not available, but ftp logins are accepted. And IMAP and POP3 are working again.
 
This is actually known. I had the same issue and at least one other forum member wrote about it. Symptoms were different though.
The solution is to use "vipw" and rewrite the password database to a consistent state.
 
You must log in or register to reply here.
Back
Top