Red Hat Bugzilla – Bug 62814
wu-ftpd not disabling IDENT checks via flag
Last modified: 2007-04-18 12:41:43 EDT
Description of Problem:
From the ftpd manpage:
"The -I option disables the use of RFC931 (AUTH/ident) to attempt to determine
the username on the client."
I have tried this setting in /etc/xinetd.d/wu-ftpd on several releases (versions
2.6.1-0.6x.21 through wu-ftpd-2.6.1-20 on RedHat 6.1 through RedHat 7.2) and it
does not appear to work. The server still generates AUTH IDENT requests and
hangs for up to 30 seconds, waiting for a reply. My only workaround was to set
an outbound firewall rule to "REJECT" any packets to port 113.
Version-Release number of selected component (if applicable):
2.6.1-0.6x.21 through 2.6.1-20 on wu-ftpd
Steps to Reproduce:
1.add a -I to the line "server_args = -l -a" and restart xinetd
2.make an ftp connection to the server
3.watch for IDENT requests (port 113). If it receives no response, the ftp
connection will hang for up to 30 seconds
Depending on whether host responds with ident, either a connection, or up to a
30 second delay.
A snappy and short connect time.
Please use vsftpd instead. wu-ftpd is not maintained anymore.