This is a discussion on FTP and SSH access question within the Linux Security forums, part of the System Security and Security Related category.
Hi All,

I am working on a RedHat 9 machine remotely (in a lab environment), trying to access a file owned by root (permissions: -r--------) on the remote machine. I have root FTP access (upstream) but only user-level access via SSH.

The FTP data port (20) is closed, so I can't get the file with FTP. I can't use SSH (or SCP) to view/download the file, because root is disabled from connecting to SSH (even locally).

Does anyone have any ideas? I figure the combination between root FTP access and standard SSH access can be used in some way. The remote machine also has web services running, and the user account I can use via SSH has access to a personal web page directory.

Any help is much appreciated.

Thanks,
c3dy8911r
c3dy8911r wrote:
> I am working on a RedHat 9 machine remotely (in a lab environment),
> trying to access a file owned by root (permissions: -r--------) on the
> remote machine. I have root FTP access (upstream) but only user-level
> access via SSH.

Urk?! "root" and "FTP" in the same sentence? Gee, I hope not!

> The FTP data port (20) is closed, so I can't get the file with FTP. I
> can't use SSH (or SCP) to view/download the file, because root is
> disabled from connecting to SSH (even locally).
>
> Does anyone have any ideas? I figure the combination between root FTP
> access and standard SSH access can be used in some way. The remote
> machine also has web services running, and the user account I can use
> via SSH has access to a personal web page directory.

The FTP port obviously _should_ be closed. The SSH suite provides tools like 'scp' which can do secure file-copying. At minimum it also provides a simple form of "tunneling" which allows communications using insecure protocols to take place through a secure tunnel. IPSEC (Virtual Private Networks) also provides the same basic idea.
c3dy8911r wrote:
|
| The FTP data port (20) is closed, so I can't get the file with FTP. I
| can't use SSH (or SCP) to view/download the file, because root is
| disabled from connecting to SSH (even locally).

Just "su" to root when connected over ssh
Thanks for your reply -- let me clarify:

I am running this experiment in an authorized lab environment. I've trojaned the vsftp daemon on the remote machine to allow root access (with a set password). Therefore, I don't have the root password to use with a sudo command (via SSH or anything else).

Is there a work-around to the permissions problem that would allow me to access the file remotely via SSH given the limited root FTP access I have?

Thanks again,
c3dy8911r

Sundial Services <info@sundialservices.com> wrote in message news:<coisbr$c4e$1@domitilla.aioe.org>...
> c3dy8911r wrote:
> > I am working on a RedHat 9 machine remotely (in a lab environment),
> > trying to access a file owned by root (permissions: -r--------) on the
> > remote machine. I have root FTP access (upstream) but only user-level
> > access via SSH.
>
> Urk?! "root" and "FTP" in the same sentence? Gee, I hope not!
>
> > The FTP data port (20) is closed, so I can't get the file with FTP. I
> > can't use SSH (or SCP) to view/download the file, because root is
> > disabled from connecting to SSH (even locally).
> >
> > Does anyone have any ideas? I figure the combination between root FTP
> > access and standard SSH access can be used in some way. The remote
> > machine also has web services running, and the user account I can use
> > via SSH has access to a personal web page directory.
>
> The FTP port obviously _should_ be closed. The SSH suite provides tools
> like 'scp' which can do secure file-copying. At minimum it also provides a
> simple form of "tunneling" which allows communications using insecure
> protocols to take place through a secure tunnel. IPSEC (Virtual Private
> Networks) also provides the same basic idea.
> I am running this experiment in an authorized lab environment. I've
> trojaned the vsftp daemon on the remote machine to allow root access
> (with a set password). Therefore, I don't have the root password to
> use with a sudo command (via SSH or anything else).

ok, so when you ftp in do '!' and change the owner of the file or change the file permissions so that scp can read it.

> Is there a work-around to the permissions problem that would allow me
> to access the file remotely via SSH given the limited root FTP access
> I have?
>
> Thanks again,
> c3dy8911r
>
>
> Sundial Services <info@sundialservices.com> wrote in message news:<coisbr$c4e$1@domitilla.aioe.org>...
> > c3dy8911r wrote:
> > > I am working on a RedHat 9 machine remotely (in a lab environment),
> > > trying to access a file owned by root (permissions: -r--------) on the
> > > remote machine. I have root FTP access (upstream) but only user-level
> > > access via SSH.
> >
> > Urk?! "root" and "FTP" in the same sentence? Gee, I hope not!
> >
> > > The FTP data port (20) is closed, so I can't get the file with FTP. I
> > > can't use SSH (or SCP) to view/download the file, because root is
> > > disabled from connecting to SSH (even locally).
> > >
> > > Does anyone have any ideas? I figure the combination between root FTP
> > > access and standard SSH access can be used in some way. The remote
> > > machine also has web services running, and the user account I can use
> > > via SSH has access to a personal web page directory.
> >
> > The FTP port obviously _should_ be closed. The SSH suite provides tools
> > like 'scp' which can do secure file-copying. At minimum it also provides a
> > simple form of "tunneling" which allows communications using insecure
> > protocols to take place through a secure tunnel. IPSEC (Virtual Private
> > Networks) also provides the same basic idea.
> I can't su because the root password has been changed by the other
> (defending) team -- this is a lab project.
>
> Any other ideas?

ok, so when you ftp in do '!' and change the owner of the file or change the file permissions so that scp can read it.
In comp.os.linux.networking c3dy8911r <c3dy8911r@yahoo.com> wrote:
> I can't su because the root password has been changed by the other
> (defending) team -- this is a lab project.
>
> Any other ideas?

Why do you need to su? Just copy whatever it is, or change its perms if it belongs to you.

Peter
c3dy8911r wrote:
> I am working on a RedHat 9 machine remotely (in a lab environment)

I'm curious- which lab environment? Is this at a University or at some company, or even at home? Who is coordinating this (faculty, manager, net admin., etc.)? How can s/he be reached? Is the purpose of these labs to engage in these kinds of studies or something more?

A teacher at my school (Christopher Newport University in Newport News, Virginia) is also putting together a small computer lab for network security experimentation (Dr. Riedl, in the PCSE department). Current goals include studying sniffing (ethereal, etc.) and later, mobile ipv6. I myself want to study arp packets.

So... perhaps you (and your coordinator) could share some of your experience in such an endeavour?

Jon.

P.S.: By the way, I haven't learned to read NNTP headers yet... Someone help me with this! Did you post from google? You appear to be posting from the LACNIC netblock?

--
-- * Does the walker choose the path, or does the path choose the walker? (fr. Sabriel) * --