06-28-2002
Don't open three threads to ask the same question. I deleted the other threads.
To create an account that can be used only for ftp, I would make the shell "/usr/bin/true". Yeah, you can still telnet in, but you can't do anything and you will disconnect immediately. For such a user to be able to use ftp, "/usr/bin/true" must be added to the file "/etc/shells".
To create an account that can be used by telnet, but not ftp, give this user a regular shell like ksh. Then add it to the file /etc/ftpd/ftpusers. This file, which is badly named, is a list of users who cannot use ftp.
And sure, both users can be in the same group if you want.
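The setup described in the post above can be checked with a short script. This is an added example, not part of the original thread: the function names, the four sample accounts and the sample files are constructed for illustration, and the file paths are passed as arguments because the deny-list location differs between systems.

```shell
#!/bin/sh
# Added example (not from the thread). File paths are arguments because the
# ftpusers location varies (/etc/ftpd/ftpusers in the post, /etc/ftpusers in ftpd(8)).
# classify_accounts PASSWD SHELLS FTPUSERS -> "user ftp=yes|no interactive=yes|no"
classify_accounts() {
    passwd_file=$1 shells_file=$2 ftpusers_file=$3
    while IFS=: read -r user _pw _uid _gid _gecos _home shell; do
        case $user in ''|'#'*) continue ;; esac
        [ -n "$shell" ] || shell=/bin/sh      # empty field means the default shell
        ftp=yes interactive=yes
        # ftp needs the login shell to be listed, as an exact line, in SHELLS ...
        grep -qxF -- "$shell" "$shells_file" || ftp=no
        # ... and the user name to be absent from the deny list.
        grep -qxF -- "$user" "$ftpusers_file" && ftp=no
        # A no-op shell ends a telnet session as soon as it starts.
        case $shell in */true|*/false|*/nologin) interactive=no ;; esac
        printf '%s ftp=%s interactive=%s\n' "$user" "$ftp" "$interactive"
    done < "$passwd_file"
}

# Constructed sample data: four hypothetical accounts in one group (gid 100).
demo_accounts() {
    d=$(mktemp -d) || return 1
    cat > "$d/passwd" <<'EOF'
ftponly:x:1001:100::/home/ftponly:/usr/bin/true
telnetonly:x:1002:100::/home/telnetonly:/bin/ksh
both:x:1003:100::/home/both:/bin/ksh
forgotten:x:1004:100::/home/forgotten:/bin/false
EOF
    printf '%s\n' /bin/sh /bin/ksh /usr/bin/true > "$d/shells"
    printf '%s\n' root telnetonly > "$d/ftpusers"
    classify_accounts "$d/passwd" "$d/shells" "$d/ftpusers"
    rm -rf "$d"
}
demo_accounts
```

The `forgotten` account shows the failure mode the post warns about: its no-op shell is missing from the shells file, so it can use neither service.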
FTPD(8) System Manager's Manual FTPD(8)
NAME
ftpd, in.ftpd, setup.anonftp - DARPA Internet File Transfer Protocol server
SYNOPSIS
ftp stream tcp nowait root /usr/sbin/in.ftpd in.ftpd
tcpd ftp /usr/sbin/in.ftpd
DESCRIPTION
Ftpd is the DARPA Internet File Transfer Protocol server process. The server uses the TCP protocol and listens at the port specified in
the ``ftp'' service specification; see services(5).
The ftp server currently supports the following ftp requests; case is not distinguished.
    Request    Description
    ABOR       abort previous command
    ACCT       specify account (ignored)
    ALLO       allocate storage (vacuously)
    APPE       append to a file
    CDUP       change to parent of current working directory
    CWD        change working directory
    DELE       delete a file
    HELP       give help information
    LIST       give list files in a directory (``ls -lA'')
    MKD        make a directory
    MODE       specify data transfer mode
    NLST       give name list of files in directory (``ls'')
    NOOP       do nothing
    PASS       specify password
    PASV       prepare for server-to-server transfer
    PORT       specify data connection port
    PWD        print the current working directory
    QUIT       terminate session
    RETR       retrieve a file
    RMD        remove a directory
    RNFR       specify rename-from file name
    RNTO       specify rename-to file name
    STOR       store a file
    STOU       store a file with a unique name
    STRU       specify data transfer structure
    TYPE       specify data transfer type
    USER       specify user name
    XCUP       change to parent of current working directory
    XCWD       change working directory
    XMKD       make a directory
    XPWD       print the current working directory
    XRMD       remove a directory
The remaining ftp requests specified in Internet RFC 959 are recognized, but not implemented.
The ftp server will abort an active file transfer only when the ABOR command is preceded by a Telnet "Interrupt Process" (IP) signal and a
Telnet "Synch" signal in the command Telnet stream, as described in Internet RFC 959.
Ftpd interprets file names according to the ``globbing'' conventions used by csh(1). This allows users to utilize the metacharacters
``*?[]{}~''.
Ftpd authenticates users according to three rules.
1) The user name must be in the password data base, /etc/passwd, and not have a null password. In this case a password must be
provided by the client before any file operations may be performed.
2) The user name must not appear in the file /etc/ftpusers.
3) If the user name is ``anonymous'' or ``ftp'', an anonymous ftp account must be present in the password file (user ``ftp''). In this
case the user is allowed to log in by specifying any password (by convention this is given as the client host's name).
In the last case, ftpd takes special measures to restrict the client's access privileges. The server performs a chroot(2) command to the
home directory of the ``ftp'' user. In order that system security is not breached, it is recommended that the ``ftp'' subtree be
constructed with care; the following rules are recommended.
~ftp)
    Make the home directory owned by ``ftp'' and unwritable by anyone.
~ftp/bin)
    Make this directory owned by the super-user and unwritable by anyone. The program ls(1) must be present to support the list
    commands. This program should have mode 111.
~ftp/etc)
    Make this directory owned by the super-user and unwritable by anyone. The files passwd(5) and group(5) must be present for the ls
    command to work properly. These files should be mode 444.
~ftp/pub)
    Make this directory mode 755 and owned by the super-user. Create directories in it owned by users if those users want to manage an
    anonymous ftp directory.
~ftp/pub/incoming)
    Optionally create this directory for anonymous uploads. Make it mode 777. The FTP daemon will create files with mode 266, so
    remote users can write a file, but only local users can do something with it.
The script setup.anonftp can be used to create or check an anonymous FTP tree.
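The ownership and mode rules above can be audited mechanically. The script below is an added example, not part of ftpd(8) and not the setup.anonftp script; the function names and the finding labels (MISSING, OWNER, WRITABLE, MODE) are hypothetical, and owners are compared as numeric uids read from `ls -ldn`.

```shell
#!/bin/sh
# Added example (not part of ftpd(8) or setup.anonftp).
# check PATH WANT_UID WANT_PERMS: WANT_UID "-" = owner not specified by the rules;
# WANT_PERMS is an ls-style mode string, or "nowrite" for "unwritable by anyone".
check() {
    path=$1 want_uid=$2 want=$3
    info=$(ls -ldn "$path" 2>/dev/null | awk '{print substr($1,1,10), $3}')
    [ -n "$info" ] || { echo "MISSING $path"; return 0; }
    perms=${info% *} uid=${info#* }
    [ "$want_uid" = - ] || [ "$uid" = "$want_uid" ] ||
        echo "OWNER $path: uid $uid, want $want_uid"
    if [ "$want" = nowrite ]; then
        case $perms in
            ??w*|?????w*|????????w*) echo "WRITABLE $path: $perms" ;;
        esac
    elif [ "$perms" != "$want" ]; then
        echo "MODE $path: $perms, want $want"
    fi
}

# audit_anonftp FTP_HOME FTP_UID SUPERUSER_UID: one line per violated rule.
audit_anonftp() {
    top=$1 ftp_uid=$2 su_uid=$3
    check "$top"            "$ftp_uid" nowrite
    check "$top/bin"        "$su_uid"  nowrite
    check "$top/bin/ls"     -          ---x--x--x    # mode 111
    check "$top/etc"        "$su_uid"  nowrite
    check "$top/etc/passwd" -          -r--r--r--    # mode 444
    check "$top/etc/group"  -          -r--r--r--
    check "$top/pub"        "$su_uid"  drwxr-xr-x    # mode 755
    # incoming is optional, so it is audited only when present (mode 777)
    [ ! -d "$top/pub/incoming" ] || check "$top/pub/incoming" - drwxrwxrwx
}

# Constructed tree with two deliberate defects; the current uid stands in for
# both owners so the demo runs without root.
demo_audit() {
    t=$(mktemp -d) || return 1
    mkdir -p "$t/bin" "$t/etc" "$t/pub/incoming"
    : > "$t/bin/ls"; : > "$t/etc/passwd"; : > "$t/etc/group"
    chmod 111 "$t/bin/ls"; chmod 444 "$t/etc/group"
    chmod 644 "$t/etc/passwd"                  # defect: should be 444
    chmod 555 "$t/bin" "$t/etc"; chmod 777 "$t/pub/incoming"
    chmod 755 "$t/pub" "$t"                    # defect: home is owner-writable
    audit_anonftp "$t" "$(id -u)" "$(id -u)"
    chmod -R u+w "$t"; rm -rf "$t"
}
demo_audit
```

On a real system the call would be `audit_anonftp ~ftp "$(id -u ftp)" 0`; no output means every rule listed above holds.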
SEE ALSO
ftp(1).
BUGS
The anonymous account is inherently dangerous and should be avoided when possible.