08-04-2010
Are you using the telnet client or the ftp client?
10 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
Hi everybody !
How can I configure the ftp in solaris systems ? Wich files ?
To resume : I want to create a user wich can get from a ftp session running from a PC, some files without going up in the directories. If I attached the ksh or sh shell to the user, he can go wherever he wants. If I... (7 Replies)
Discussion started by: MarcoW
7 Replies
2. Cybersecurity
I just setup my ftp server on Solaris 8. Everything works fine...except I do not want to allow certain users to be able to change directories outside of their /home directory. In other wors I don't want everyone to be able to view files in other folders outside of their home directoy. I know how to... (1 Reply)
Discussion started by: jskillet
1 Replies
3. UNIX for Dummies Questions & Answers
Hello all,
Does anyone know how to set the timeout limit on Solaris ftp machine.
Thanks all (2 Replies)
Discussion started by: larry
2 Replies
4. Linux
I have a Red Hat 9 server which I am attempting to ftp a file to
a Solaris 8 server using a shell script to perform an unattended ftp. I have the following script setup to run:
#!/bin/sh
#
cd /tmp
ftp -v 192.20.20.5 << EOF 2>&1
cd /tmp
put gatherstats
bye
EOF
I created the .netrc... (1 Reply)
Discussion started by: bubba112557
1 Replies
5. Solaris
Hi All,
I need help using the native Solaris 8 ftp client. I need to ftp through a ftp proxy. How would this be confiured on Solaris 8? Any help would be greatly appreciated. (0 Replies)
Discussion started by: cstovall
0 Replies
6. Shell Programming and Scripting
Hello,
A couple of times per week, i receive emails notifications when files are available for processing.
Currently i read these eamails with a java program and store the attachement on my C: drive and would now like to generate a PC script to send this file name up to UNIX-Solaris and... (3 Replies)
Discussion started by: bobk544
3 Replies
7. Solaris
I there i have a big problem
i make some changes in the /etc/ftpd/ftpaccess , and after that i restart the service with #svcadm refresh /network/ftp:default but the changes dont take efect , i also trie with #svcadm restart /network/ftp:default with the same result
I cant restart the... (1 Reply)
Discussion started by: gonzo
1 Replies
8. Solaris
Hi,
For past couple of years I have managed FTP Server requirement in my org by configuring default ftp server that comes with Solaris.
I am evaluating new 3rd party ftp server that runs on Solaris/Linux.
I have zeroed down on jscape FTP server which works both on Solaris/Linux as per... (3 Replies)
Discussion started by: menonk
3 Replies
9. Solaris
Hi All, I have a problem with FTP service on Solaris 10.
Whenever I try to FTP to one machine locally (ftp localhost) or from other machine I don't get any response, I see the ftp service on the machine is online and listening to port 21 but ftp is not responding.
Also it seems i can't... (16 Replies)
Discussion started by: belal84
16 Replies
10. Solaris
Dears,
Is there any way to secure ftp communication using transport layer security authentication /auth tls/? My background is solaris 10, wuftp. Scanned Solaris hosts in our network and found some insecure communications. Read all documents from oracle.com. But cannot find anything about... (1 Reply)
Discussion started by: sembii
1 Replies
LEARN ABOUT CENTOS
krb5_auth_rules
krb5_auth_rules(5) Standards, Environments, and Macros krb5_auth_rules(5)
NAME
krb5_auth_rules - Overview of Kerberos V5 authorization
DESCRIPTION
When a user uses kerberized versions of the ftp, rdist, rcp, rlogin, rsh, or telnet clients to connect to a server, even if the user's
claimed Kerberos V5 identity is authenticated, the user is not necessarily authorized. Authentication merely proves that the user is "who
he says he is" to the Kerberos V5 authentication system. Authorization also needs to be done, since it determines if that Kerberos identity
is permitted to access the Solaris user account that the client wants to access.
Each user may have a private authorization list in a file ~/.k5login in his login directory (on the server). Each line in this file should
contain a Kerberos principal name of the form principal/instance@realm. If the server finds a ~/.k5login file, then access is granted to
the account if and only if the originating user is authenticated to one of the principals named in the ~/.k5login file.
If there is no ~/.k5login file, the originating user will then be checked against the gsscred table (see gsscred(1M)). If the originating
user's Kerberos V5 identity is in the gsscred table, and if the UNIX user id in the gsscred table corresponds to the user account the
client is trying access, then the originating user is granted access to the account on the server. If the UNIX user id does not match, then
the originating user is denied access.
For example, suppose the originating user has a principal name of jdb@ENG.ACME.COM and the target account is jdb-user. If jdb@ENG.ACME.COM
appears in the gsscred table with uid 23154 and if jdb-user appears in the user account database (see passwd(4)) with uid 23154, then
access to account jdb-user is granted. Of course, normally, the target account name in this example would be jdb and not jdb-user.
Finally, if there is no ~/.k5login file and if the originating user's Kerberos V5 identity is not in the gsscred table, then the user will
be granted access to the account if and only if all of the following are true:
o The user part of the authenticated principal name is the same as the target account name specified by the client.
o The realm part of the client and server are the same.
o The target account name exists on the server.
For example, if the originating user has a principal name of jdb@ENG.ACME.COM and if the server is in realm SALES.ACME.COM, then even if
jdb is a valid account name on the server, the client would be denied access. This is because the realms SALES.ACME.COM and ENG.ACME.COM
differ.
FILES
~/.k5login Per user-account authorization file.
/etc/passwd System account file. This information may also be in a directory service. See passwd(4).
ATTRIBUTES
See attributes(5) for a description of the following attributes:
+-----------------------------+-----------------------------+
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
+-----------------------------+-----------------------------+
|Interface Stability |Evolving |
+-----------------------------+-----------------------------+
SEE ALSO
ftp(1), rcp(1), rdist(1), rlogin(1), rsh(1), telnet(1), gsscred(1M), passwd(4), attributes(5), gss_auth_rules(5)
NOTES
To avoid security problems, the ~/.k5login file must be owned by the remote user.
SunOS 5.10 13 Apr 2004 krb5_auth_rules(5)