04-02-2009
etc/ftpd/ftpusers & philosophy of disabling root
we don't have root in our /etc/ftpd/ftpusers and we are getting some pushback from the external auditors about this - specifically as a security risk if a "sniffer" were to catch roots password at the ftp.
What do most shops do - disable ftp for root?
What do you do to get things to the machine in that case -- like patches or utilities? Do you not logon as root and ftp them over from the network or whereever you have them? Or do you logon as yourself to do that? Or do you remove the entry, do the ftp & put the entry back?
what is the normal practice so I can respond to these folks.
Thanks.
8 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
Hello
I am trying to configure WU-FTPD on Solaris 10 to do the following:
Using the -r parameter to in.ftpd, I am running the FTP demon within a CHROOT jail (/export/ftp). The FTP service is also being controlled by SMF. This seems to work fine.
However, one of the requirements I have is to... (2 Replies)
Discussion started by: CowsUdders
2 Replies
2. IP Networking
Helo !
I want to do something and I don't know where to start... I want to make a small web hosting server (just for me and a few friends) and for the sake of learning I'd like to make an account for every user. The thing is that I want everyone to log into the server and to be put in his home... (3 Replies)
Discussion started by: Sergiu-IT
3 Replies
3. SCO
Hy,
Coud someone tell me how to disable root login via terminal (only from console should be allowed).
There is no ssh installed, only telnet.
I created a user which will have permission to su to root, but now i don't know where and what to modify to disable root login?
SCO OpenServer 5
... (1 Reply)
Discussion started by: veccinho
1 Replies
4. AIX
Hello!
I'm going through security checklist for AIX 5.3 and i just can't disable remote login for root through ssh.
What i did:
- in /etc/security/user i added a line:
rlogin = false
which works fine when i try to login through telnet
- after installation of openSSH i edited... (3 Replies)
Discussion started by: veccinho
3 Replies
5. UNIX Desktop Questions & Answers
Hi All,
I am ftping a file from unix to mainframe. Now the problem arises that i want to check if the file was ftpd or not. Is there any way i could do this? (4 Replies)
Discussion started by: vikas.rao11
4 Replies
6. AIX
Hi,
I want to disable telnet login for root only so that other users can telnet?
Regards,
Manoj (8 Replies)
Discussion started by: manoj.solaris
8 Replies
7. SCO
dear all,
pls give the sollution to disable root login from telnet directly.but it should allow while we type su command (2 Replies)
Discussion started by: prakrithi
2 Replies
8. UNIX for Beginners Questions & Answers
I need to know how to restrict the ftpusers within their home directory in AIX 7.1
For example for ftpuser nonoftp I have tried putting this entry to /etc/ftpaccess.ctl and refreshed inetd but the directory listing unsuccessful error comes with the entry. Without the ftpaccess.ctl file ftp users... (2 Replies)
Discussion started by: pregmi
2 Replies
LEARN ABOUT OSX
ftp_geturl
ftp::geturl(n) ftp client ftp::geturl(n)
__________________________________________________________________________________________________________________________________________________
NAME
ftp::geturl - Uri handler for ftp urls
SYNOPSIS
package require Tcl 8.2
package require ftp::geturl ?0.2.1?
::ftp::geturl url
_________________________________________________________________
DESCRIPTION
This package provides a command which wraps around the client side of the ftp protocol provided by package ftp to allow the retrieval of
urls using the ftp schema.
API
::ftp::geturl url
This command can be used by the generic command ::uri::geturl (See package uri) to retrieve the contents of ftp urls. Internally it
uses the commands of the package ftp to fulfill the request.
The contents of a ftp url are defined as follows:
file The contents of the specified file itself.
directory
A listing of the contents of the directory in key value notation where the file name is the key and its attributes the asso-
ciated value.
link The attributes of the link, including the path it refers to.
BUGS, IDEAS, FEEDBACK
This document, and the package it describes, will undoubtedly contain bugs and other problems. Please report such in the category ftp of
the Tcllib SF Trackers [http://sourceforge.net/tracker/?group_id=12883]. Please also report any ideas for enhancements you may have for
either package and/or documentation.
SEE ALSO
ftpd, mime, pop3, smtp
KEYWORDS
ftp, internet, net, rfc 959
CATEGORY
Networking
ftp 0.2.1 ftp::geturl(n)