7.0.0 beta (build 281) bug: TFTP cannot bind to port 69

[atomik]

Hi all,

I'm trying SecureCRT for Mac 7.0.0 build 281 and noticed that the new TFTP server won't work.

If enabled, every time I start an ssh connection it say me:

"The TFTP server could not bind to port 69 for the following reason: Permission denied"


Seems there is something wrong with permission when it call the bind() function with a low port like this.

[bgagnon]

Hello atomik,

The port 69 binding issue is something that you will need to resolve on your machine. Mac OS X restricts access to all ports below 1025. I am not sure what steps you will need to take to enable your account to access that port.

Additionally, it is UDP port 69 rather than TCP port 69, so there may be other hurdles you have to clear to get this working.

I suspect that somehow you are going to have to give your account root level access or login as root.

Does this help you find a solution to the OS restriction?

I have added this thread to a feature request in our product enhancement database for a mechanism to elevate the user's credentials when the TFTP server is being used. Should a future release of SecureCRT include this feature, notification will be posted here.

If you prefer direct e-mail notification, contact support@vandyke.com and include "Feature Request - Forum Thread #10456" in the subject line.

[toloughlin]

First off, I'm a fan of you guys, as my join date + most non-Vandyke employee posts show, however ... this feature should be pulled from the Mac version because of how out-of-the-flow, using it actually is.

First off, fire up "terminal" (which SecureCRT is most likely replacing).

Then,
#sudo /Applications/SecureCRT.app/Contents/MacOS/SecureCRT
<enter password>

Now, it'll spawn the app with 'root' perms ... as root is disabled by default.

With the sudo method, comes an empty "Config" folder (/var/private/...), so your sessions, button bars, key maps, color schemes & whatnot, are unavailable.

With your new session configured & TFTP checked-off, connect to the new session. At that point, you can netstat -ln | grep 69 and see the listener.

MBP:~ Tom$ netstat -ln | grep 69
udp4 0 0 *.69 *.*

Support -- if there's an easier way, please let me know, else this option will stay off & I'll keep with my free TFTP server app.

[bgagnon]

Hi Tom,

Quote:

First off, I'm a fan of you guys, as my join date + most non-Vandyke employee posts show,

Known, and appreciated.

I have added this thread to a feature request in our product enhancement database to automatically elevate the user to root using credentials from the Mac Keychain (when running the TFTP server on Mac/Linux platforms). Should a future release of SecureCRT include this feature, notification will be posted here.

If you prefer direct e-mail notification, contact support@vandyke.com and include "Feature Request - Forum Thread #10456" in the subject line.

Quote:

Support -- if there's an easier way, please let me know, else this option will stay off & I'll keep with my free TFTP server app.

Do you know the mechanism the free TFTP server app uses to perform elevation?

[wilddev]

Any news on when this feature is going to be fixed? It's been over a year and we're now on the beta of 7.2 and it still doesn't work properly.

Thanks

[bgagnon]

Hello wilddev,

The title of the thread is a bit misleading as this is a feature request not a bug.

Mac OS X restricts access to all ports below 1025 so the current implementation of the TFTP server on the Mac operating system may require the user to elevate privileges to root in order for the TFTP server to listen on UDP port 69.

Feature requests are typically prioritized based on a number of factors including, but not limited to, the number of requests and the amount of implementation work required. Should a future release of SecureCRT include this feature, notification will be posted here.

If you prefer direct e-mail notification, contact support@vandyke.com and include "Feature Request - Forum Thread #10456" in the subject line.