- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- Re: Restricted incoming ftp accounts
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО07-19-2001 02:28 AM
тАО07-19-2001 02:28 AM
It's (relatively) easy to perform with users anonymous and ftp, but I'm struggling with a "real" account. I've tried to configure an ftpaccess file, but so far managed to simply deny ALL ftp access to the server when I add a -a flag to the ftpd entry in /etc/inetd.conf and perform an inetd -c.
Ultimately I suspect that this functionality, though available, isn't perhaps sufficiently flexible. But if anyone has any pointers on a correctly-configured ftpaccess file (particularly the class and guestgroup entries) I would be most grateful.
Bren
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО07-19-2001 09:24 AM
тАО07-19-2001 09:24 AM
Solutionhttp://www.wu-ftpd.org/HOWTO/guest.HOWTO
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО07-19-2001 12:10 PM
тАО07-19-2001 12:10 PM
Re: Restricted incoming ftp accounts
Nora
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО07-19-2001 10:32 PM
тАО07-19-2001 10:32 PM
Re: Restricted incoming ftp accounts
Hi
If you want to have a real user as a guest one
you need to configure ftpaccess. If your guest
group is called guest :
/etc/ftpd/ftpaccess (second line is the one
to permit all users to connect to your system):
guestgroup guest
class all real,guest,anonymous *
/etc/group :
guest::500:export
/etc/passwd :
export:
/etc/shell (minimum):
/usr/bin/sh
/usr/bin/rsh
/usr/bin/ksh
/usr/bin/rksh
/usr/bin/csh
/usr/bin/keysh
/usr/bin/false
And now create the virtual root in /home/export
(see ftpd man page, a really good cookbook).
If you want to limit access (see man ftpaccess)
you can add "upload..." lines to permit or not
upload on directories.
HTH
Herv?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО07-19-2001 11:18 PM
тАО07-19-2001 11:18 PM
Re: Restricted incoming ftp accounts
Each answer was absolutely relevant and useful.
I think I've got it now. 10 points all 'round I think.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО07-20-2001 12:07 AM
тАО07-20-2001 12:07 AM
Re: Restricted incoming ftp accounts
1. First you should edit the /etc/inetd.conf file with the "-a" option
ftp stream tcp nowait root /usr/lbin/ftpd ftpd -l -a
After you edited it ,issue " inetd -c"
2. Second you should revise the /etc/passwd file , append the /./ to their home directory ! like following !
user1:Atv37/cTtYInw,/.hN:555:555:FTP user:/export/home/ftp/./:/usr/bin/false
3. Create a group which contain the ftpuser in /etc/group
ftpguest::555:iftp,ftp,public
4. then Edit the /etc/ftpd/ftpaccess file , my ftpaccess file is :
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
class all real,guest,anonymous *
# Define the line that limits the ftponly group to their own directories
# in the ftp-root heirarchy.
guestgroup ftpguest ## Here is the group name
email mail@labc.com
loginfails 5
readme README* login
readme README* cwd=*
message /welcome.msg login
message .message cwd=*
compress yes all
tar yes all
chmod no guest,anonymous
delete no guest,anonymous
overwrite no guest,anonymous
rename no guest,anonymous
log transfers anonymous,real inbound,outbound
shutdown /etc/shutmsg
passwd-check rfc822 warn
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
5. You can restrict any user by /etc/ftpd/ftpusers file
I have tested it on HPUX11.0 and it works fine for me . in fact , if you "man ftpd " and if the ftpd daemon has a "-a" option , I think it's fine to make it works too !
Good luck .