1.开启gssftp后，用任何用户登录都会报错，信息如下：

linux:

oracle@bjhealth1 ~]$ ftp 10.1.112.231

Connected to 10.1.112.231.

220 bjhealth1 FTP server (Version 5.60) ready.

334 Using authentication type GSSAPI; ADAT must follow

GSSAPI accepted as authentication type

GSSAPI error major: Unspecified GSS failure. Minor code may provide more information

GSSAPI error minor: No credentials cache found

GSSAPI error: initializing context

GSSAPI authentication failed

334 Using authentication type KERBEROS_V4; ADAT must follow

KERBEROS_V4 accepted as authentication type

Kerberos V4 krb_mk_req failed: You have no tickets cached

Name (10.1.112.231:oracle):

530 Must perform authentication before identifying USER.

Login failed.

Remote system type is UNIX.

Using binary mode to transfer files.

ftp>

windows:

C:\>ftp 10.1.112.231

连接到 10.1.112.231。

220 bjhealth1 FTP server (Version 5.60) ready.

用户(10.1.112.231:(none)): oracle

530 Must perform authentication before identifying USER.

登录失败。

ftp>

解决办法：

修改gssftp配置文件/etc/xinetd.d/gssftp

# default: off

# description: The kerberized FTP server accepts FTP connections \

# that can be authenticated with Kerberos 5.

service ftp

{

flags = REUSE

socket_type = stream

wait = no

user = root

server = /usr/kerberos/sbin/ftpd

server_args = -l -a

log_on_failure += USERID

disable = no

# disable = yes

}

把server_args = -l -a的-a参数去掉：

server_args = -l

保存退出重启xinetd服务：

[root@bjhealth1 ~]# service xinetd restart

Stopping xinetd: [ OK ]

Starting xinetd: [ OK ]

测试：

C:\>ftp 10.1.112.231

连接到 10.1.112.231。

220 bjhealth1 FTP server (Version 5.60) ready.

用户(10.1.112.231:(none)): oracle

331 Password required for oracle.

密码:

230 User oracle logged in.

ftp>