Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: etc/ftpd/ftpusers & philosophy of disabling root
Top Forums UNIX for Dummies Questions & Answers etc/ftpd/ftpusers & philosophy of disabling root Post 302303426 by LisaS on Thursday 2nd of April 2009 02:56:34 PM
Old 04-02-2009
etc/ftpd/ftpusers & philosophy of disabling root
we don't have root in our /etc/ftpd/ftpusers and we are getting some pushback from the external auditors about this - specifically as a security risk if a "sniffer" were to catch roots password at the ftp.

What do most shops do - disable ftp for root?

What do you do to get things to the machine in that case -- like patches or utilities? Do you not logon as root and ftp them over from the network or whereever you have them? Or do you logon as yourself to do that? Or do you remove the entry, do the ftp & put the entry back?

what is the normal practice so I can respond to these folks.

Thanks.
 

8 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

FTPD, CHROOT, SMF and non-root user

Hello I am trying to configure WU-FTPD on Solaris 10 to do the following: Using the -r parameter to in.ftpd, I am running the FTP demon within a CHROOT jail (/export/ftp). The FTP service is also being controlled by SMF. This seems to work fine. However, one of the requirements I have is to... (2 Replies)
Discussion started by: CowsUdders
2 Replies

2. IP Networking

Change the root directory for apache, sshd and ftpd

Helo ! I want to do something and I don't know where to start... I want to make a small web hosting server (just for me and a few friends) and for the sake of learning I'd like to make an account for every user. The thing is that I want everyone to log into the server and to be put in his home... (3 Replies)
Discussion started by: Sergiu-IT
3 Replies

3. SCO

Disabling root login

Hy, Coud someone tell me how to disable root login via terminal (only from console should be allowed). There is no ssh installed, only telnet. I created a user which will have permission to su to root, but now i don't know where and what to modify to disable root login? SCO OpenServer 5 ... (1 Reply)
Discussion started by: veccinho
1 Replies

4. AIX

Problems with disabling remote root login

Hello! I'm going through security checklist for AIX 5.3 and i just can't disable remote login for root through ssh. What i did: - in /etc/security/user i added a line: rlogin = false which works fine when i try to login through telnet - after installation of openSSH i edited... (3 Replies)
Discussion started by: veccinho
3 Replies

5. UNIX Desktop Questions & Answers

how to check if a file ftpd to mainframe was actually ftpd

Hi All, I am ftping a file from unix to mainframe. Now the problem arises that i want to check if the file was ftpd or not. Is there any way i could do this? (4 Replies)
Discussion started by: vikas.rao11
4 Replies

6. AIX

disabling telnet login for root only

Hi, I want to disable telnet login for root only so that other users can telnet? Regards, Manoj (8 Replies)
Discussion started by: manoj.solaris
8 Replies

7. SCO

how to disabling root user

dear all, pls give the sollution to disable root login from telnet directly.but it should allow while we type su command (2 Replies)
Discussion started by: prakrithi
2 Replies

8. UNIX for Beginners Questions & Answers

How to restrict ftpusers in AIX to home directory?

I need to know how to restrict the ftpusers within their home directory in AIX 7.1 For example for ftpuser nonoftp I have tried putting this entry to /etc/ftpaccess.ctl and refreshed inetd but the directory listing unsuccessful error comes with the entry. Without the ftpaccess.ctl file ftp users... (2 Replies)
Discussion started by: pregmi
2 Replies

LEARN ABOUT X11R4

ftpaddhost

ftpaddhost(1M)						  System Administration Commands					    ftpaddhost(1M)

NAME

       ftpaddhost - set up a virtual FTP host

SYNOPSIS

       ftpaddhost -c | -l [-b] [-x xferlog] hostname root_dir

DESCRIPTION

       The  ftpaddhost	script is executed by the super user to set up virtual FTP hosts. The ftpaddhost command configures the virtual host host-
       name under directory root_dir. The value of hostname can be an IP address or the name of a host.

OPTIONS

       The ftpaddhost script supports the following options:

       -b		       Create a banner for the virtual host. This option is useful to confirm that the virtual host is working.

       -c		       Configure complete virtual hosting. This option allows each virtual host to have its own version of the	ftpaccess,
			       ftpconversions, ftpgroups, ftphosts, and ftpusers files. The master version of each of these configuration files is
			       copied from  the  /etc/ftpd  directory  and  placed  in	 the  /etc/ftpd/virtual-ftpd/hostname  directory.  If  the
			       /etc/ftpusers file exists it is appended to the virtual ftpusers file. If a virtual host lacks its own version of a
			       configuration file, the master version is used.

       -l		       Configure limited virtual hosting. This	option allows a small number of parameters to  be  configured  differently
			       for a  virtual host. See the virtual keyword on the ftpaccess(4) manual page.

       -x xferlog	       Create a logfile entry such that the transfer logs for the virtual host are written to the specified file. An abso-
			       lute path must be specified for the xferlog file.

OPERANDS

       The following operands are supported:

       hostname        The host name or IP address of the virtual server.

       root_dir        The absolute pathname of the directory under which the virtual server is set up.

EXIT STATUS

       The following exit values are returned:

       0	Successful completion

       1	Improper usage of the command

       2	Command failed

FILES

       /etc/ftpd/virtual-ftpd/hostname	       The configuration files directory for the virtual host hostname.

ATTRIBUTES

       See attributes(5)  for descriptions of the following attributes:

       +-----------------------------+-----------------------------+
       |      ATTRIBUTE TYPE	     |	    ATTRIBUTE VALUE	   |
       +-----------------------------+-----------------------------+
       |Availability		     |SUNWftpu			   |
       +-----------------------------+-----------------------------+
       |Interface Stability	     |Evolving			   |
       +-----------------------------+-----------------------------+

SEE ALSO

       ftpconfig(1M), in.ftpd(1M), ftpaccess(4), ftpconversions(4), ftpgroups(4), ftphosts(4), ftpusers(4), xferlog(4), attributes(5)

SunOS 5.10							    1 May 2003							    ftpaddhost(1M)
All times are GMT -4. The time now is 04:25 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy