topic Re: restrict ftp-access in Operating System - HP-UX

restrict ftp-access

Jens Ebert — Fri, 12 Jul 2002 13:53:15 GMT

Any configuration idea for the following: ftp on HP-UX 11.0 only possible for one certain user, all other users are disallowed. I looked into PAM, but it's quite complex to understand.

Re: restrict ftp-access

Jeff Schussele — Fri, 12 Jul 2002 13:56:45 GMT

Hi Jens,

Take a look at your /var/adm/inetd.sec file
This is where the ftp security would be defined.
Note - If you alter it you should run
inetd -c
to put the changes in effect.

HTH,
Jeff

Re: restrict ftp-access

Christopher McCray_1 — Fri, 12 Jul 2002 14:01:31 GMT

Hello,

You can also add all the users you DON'T want to grant access to in the /etc/ftpd/ftpusers file (assuming you dont have a lot).

Just a thought.

Hope this helps

Chris

Re: restrict ftp-access

V. V. Ravi Kumar_1 — Fri, 12 Jul 2002 14:04:02 GMT

hi,

put all entries for whom u don't want ftp access in /etc/ftpd/ftpusers.

regds
ravi

Re: restrict ftp-access

PIYUSH D. PATEL — Fri, 12 Jul 2002 14:05:24 GMT

Hi,

Put the user names in /etc/ftpusers to prevent ftp access to them. or /etc/ftpd/ftpusers

Piyush

Re: restrict ftp-access

Arockia Jegan — Fri, 12 Jul 2002 14:08:05 GMT

You can do that as mentioned by Jeff and Christoper.

But you want to allow only one user. If the user is in outside the firewall, you can restrict the ftp access(block the port 20&21 in the firewall. Allow only one user to access through the ports)to rest other people other than one user. It's easy to setup too.

Re: restrict ftp-access

Sanjay_6 — Fri, 12 Jul 2002 15:00:38 GMT

Hi,

you can try to setup ftpaccess for this user.

http://support2.itrc.hp.com/service/cki/docDisplay.do?docLocale=en_US&docId=500000000092476

Hope this helps.

Regds

Re: restrict ftp-access

Daimian Woznick — Fri, 12 Jul 2002 15:01:22 GMT

An easy way to put all the users with the exception of the one user would be:

grep -v ^ACCOUNT: /etc/passwd | awk -F: '{print $1}' > /etc/ftpusers

The ACCOUNT is the account you want to allow access.

Hope this helps.

Re: restrict ftp-access

Jens Ebert — Mon, 15 Jul 2002 14:27:02 GMT

Thank you for answering - I have a solution now that works.
The ideal szenario for me would have been that the file ftpusers supports "allow" and "deny" lines, as just deny-lines are hard to maintain if you add users.