Dual login to FTP server.

sri · #1 (**permalink**) 08-31-2001

We have sun-solaris ftp server. Our documentation tell that "...server uses a dual-login procedure for security. This requires all users to login anonymously first, and then login as a designated user...". Can some one please explain how this improves the security.
I am trying to connect to this ftp server through wininet.dll, programatically from powerbuilder. But, due to dual login, I am not able to connect.
I am absolutely out of clue. Can some one please through some light on this topic....please.

Optimus_P · #2 (**permalink**) 08-31-2001

i have never heard of this. have you tried to just log in regularly w/ your username and password vs anonamous first.

sri · #3 (**permalink**) 09-04-2001

Yes indeed. I tried all combinations, but in vain. Only a anonymous loging, followed by my username and password logs in.

nailk · #4 (**permalink**) 09-07-2001

Hi,

I did not work with Solaris more, then year, but suppose, that this login method prevents from sniffing.
There can be two different ftps. Did you try to change kind of ftp-server in inetd ?

Sincerely,
nailk.

sri · #5 (**permalink**) 09-07-2001

I do not understand what you mean by TWO ftps. Please be specific.
Here is what my Unix Admin has to say..."what happened when the user logs in as anonymous is that the user is restricted to only a certain mount point and not to the rest of the system. then they need to switch users to gain access to there resources. With a standard unix ftp server if a user was allowed to login directly they would have access to the entire system which is a big security risk."

old_geezer · #6 (**permalink**) 10-05-2001

Quote:

Originally posted by sri

Here is what my Unix Admin has to say..."what happened when the user logs in as anonymous is that the user is restricted to only a certain mount point and not to the rest of the system. then they need to switch users to gain access to there resources. With a standard unix ftp server if a user was allowed to login directly they would have access to the entire system which is a big security risk."

Uhhuh?

So let me get this right, first you need to login as anonymous, but then
can login as normal user and then have full access to the file system?

So what is the difference here to allow the users to login directly?
Because if you know the username and passwd you can gain the access anyway.

If you want to limit the user access you can always use the chroot ability found in WU-FTPD at least.

Only thing I can say oh lord

sri · #7 (**permalink**) 10-05-2001

Please note that "with standard unix ftp server, one would have general access to file system. With dual login, the second login gets the user to the folder alloted to him ONLY."

More UNIX and Linux Forum Topics You Might Find Helpful
Thread	Thread Starter	Forum	Replies	Last Post
passwordless login from a server to another server	johnl	Shell Programming and Scripting	2	05-16-2008 08:27 AM
Cannot login via telnet or ssh to AIX 5.2 server	pdtak	UNIX for Advanced & Expert Users	5	04-10-2008 05:16 PM
Dual DHCP DNS Server 5.2 (Default branch)	iBot	Software Releases - RSS News	0	02-13-2008 01:30 AM
How to know which user id had login the server?	rainbow_bean	AIX	1	12-20-2007 04:33 PM
who is login to server	mm00123	UNIX for Advanced & Expert Users	2	07-15-2007 07:45 AM

Thread Tools	Search this Thread
Show Printable Version Email this Page	Search this Thread: Advanced Search
Display Modes	Rate This Thread
Switch to Linear Mode Hybrid Mode Switch to Threaded Mode	Rate This Thread:


	Powered by