How to disable telnet in AIX

By default the TELNET service is enabled in AIX (6.1 and 7.1) and the SSH service is not installed, but if you already installed the SSH service, then you can to disable the TELNET service following the steps below:

Open the file /etc/inetd.conf:

#vi /etc/inetd.conf

Comment out the line below to disable telnet service:

#telnet  stream  tcp6    nowait  root    /usr/sbin/telnetd      telnetd -a

Save it and reload inetd:

#refresh -s inetd

AIX – How to install ProFTP in AIX

This article I explain how to install ProFTP in AIX 6.1, limiting the access only to user home directory.

Environment

AIX 6.1
ProFTP 1.2.8
FileUtils 4.1.4

Download

The package needed can be downloaded in link below:

ftp://ftp.software.ibm.com/aix/freeSoftware/aixtoolbox/RPMS/ppc/proftpd/proftpd-1.2.8-1.aix5.1.ppc.rpm

The package File Utils is required to install ProFTP, below the link to downloaded if not installed:

ftp://ftp.software.ibm.com/aix/freeSoftware/aixtoolbox/RPMS/ppc/fileutils/fileutils-4.1-4.aix4.3.ppc.rpm

Install

Install FileUtils if required:

# rpm -ivh fileutils-4.1-4.aix4.3.ppc.rpm fileutils ##################################################

Install ProFTP:

# rpm -ivh proftpd-1.2.8-1.aix5.1.ppc.rpm proftpd ##################################################

Configure

Now, let’s configure proftp.

To create jail for users uncomment the line “#DefaultRoot ~” in the file /etc/proftpd.conf to:

DefaultRoot ~

To start ProFTP by inetd, change the line “ServerType standalone” in the file /etc/proftpd.conf to:

ServerType inetd

Then, in file /etc/inetd.conf change the line below:

From:

ftp stream tcp6 nowait root /usr/sbin/ftpd ftpd

To:

ftp stream tcp nowait root /usr/sbin/proftpd proftpd -p enable

Make sure that the User “nobody” and the group “nogroup” exist on your system. In my case I changed  the group to “staff”.

In the file /etc/proftpd.conf change the group to:

Group staff

Now, let’s start the ProFTPD with command:

#startsrc -t ‘ftp’

How to find WWN(World Wide Name) of a fibre-channel in IBM AIX

To find the WWN (world wide name) of a fibre-channel in IBM AIX use the command below:

# lscfg -vp -l fcs0 | grep “Network Address”

Output:

Network Address…………. 10000000C980DBE8

Where 10000000C980DBE8 is world wide name.

Another way to find WWN is using the command:

# fcstat fcs0 | grep “World Wide Port Name”

Output:

World Wide Port Name: 0x10000000C980DBE8

Where 0x10000000C980DBE8 is world wide name.

How to install SSH in AIX

Goal:

Install OpenSSH in AIX 7.1.

Download

First, you will need to download the OpenSSL and OpenSSH packages from this location:

https://www14.software.ibm.com/webapp/iwm/web/preLogin.do?source=aixbp

Installation

Create a directory called install into the directory /tmp:

#mkdir /tmp/install

Copy the files to directory /tmp/install.

Uncompress the files OpenSSH_6.0.0.6200.tar.Z and openssl-1.0.1.512.tar.Z.

#uncompress OpenSSH_6.0.0.6200.tar.Z
#tar -xvf OpenSSH_6.0.0.6200.tar
#uncompress openssl-1.0.1.512.tar.Z
#tar -xvf openssl-1.0.1.512.tar

Now install the openssl package:

#installp -ac -Y -d /tmp/install/openssl-1.0.1.512/ openssl.base openssl.man.en_US

Then install the openssh package:

#installp -ac -Y -d /tmp/install/OpenSSH_6.0.0.6200/ openssh.base openssh.man.en_US

You can check the started daemon with the lssrc command:

#lssrc -s sshd
Subsystem         Group            PID          Status
sshd             ssh              3277032      active

If the daemon is not started, you can start with the startsrc command:

#startsrc -s sshd

Enjoy!!!