- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- Re: ftp acccess for users
Operating System - HP-UX
1752579
Members
4340
Online
108788
Solutions
Forums
Categories
Company
Local Language
юдл
back
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
юдл
back
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Blogs
Information
Community
Resources
Community Language
Language
Forums
Blogs
Go to solution
Topic Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-06-2009 06:15 AM
тАО10-06-2009 06:15 AM
I need to limit ftp access. I am assuming that I need to implement the ftpaccess file. My goal is to limit ALL users (except root) to just one directory. The users should only be able to access /ftpfiles. Does anyone have an example of how to define this? THX!
Yesterday was the first day of the rest of your life
Solved! Go to Solution.
6 REPLIES 6
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-06-2009 06:22 AM
тАО10-06-2009 06:22 AM
Re: ftp acccess for users
Hi
then you can use /etc/ftpuser. The ftpd daemon rejects remote logins to local user accounts that are named in /etc/ftpusers.
Just pick up and put users in this file.
then you can use /etc/ftpuser. The ftpd daemon rejects remote logins to local user accounts that are named in /etc/ftpusers.
Just pick up and put users in this file.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-06-2009 06:25 AM
тАО10-06-2009 06:25 AM
Re: ftp acccess for users
Hi
The FTP configuration file is the ftpaccess file. It resides in the /etc/ftpd directory. If you do not currently have one, make a copy from the one located in the newconfig directory:
On HP-UX 11:
#cp /usr/newconfig/etc/ftpd/ftpaccess /etc/ftpd/ftpaccess
On HP-UX 11i:
#cp /usr/newconfig/etc/ftpd/examples/ftpaccess /etc/ftpd/ftpaccess
The FTP daemon will not use the configuration file until the /etc/inetd.conf file is edited to include the following:
ftp stream tcp nowait root /usr/lbin/ftpd ftpd -a /etc/ftpd/ftpaccess
Replacing the lowercase ├в a├в with the uppercase ├в A├в will disable the use of the FTP configuration file. For the Internet Daemon to read this new configuration setting, you must run inetd with the ├в -c├в option. (inetd ├в c). The following are examples of a few of the options available in the configuration file:
noretrieve:
Example:
noretrieve /etc/passwd /etc/group core .netrc .rhosts
Description:
Files listed after the noretrieve option are files that cannot be retrieved with FTP. When only the file name is specified (as with core, .netrc, and .rhosts), then no files on the system with that name can be retrieved. When the full pathname is used (as in /etc/passwd and /etc/group), that specific file cannot be retrieved. In this example, /etc/passwd could not be retrieved but a file named /tmp/passwd or /etc/passwd.old could be retrieved.
deny:
Example:
deny ctg500g /etc/ftpd/ctg500g_denymsg
Description:
The deny option is used to deny access to a particular host or a group of hosts. In addition, a message can be displayed to the client attempting FTP access. The ├в !nameserved├в parameter can also be used as the hostname to prohibit access to sites who do not have a working nameserver. Note that the parameter ends in ├в d├в , not ├в r├в .
loginfails:
Example:
loginfails 2
Description:
The loginfails option is used to limit the number of FTP login attempts before the connection is terminated. The default value is 5
Regards
Sunny
The FTP configuration file is the ftpaccess file. It resides in the /etc/ftpd directory. If you do not currently have one, make a copy from the one located in the newconfig directory:
On HP-UX 11:
#cp /usr/newconfig/etc/ftpd/ftpaccess /etc/ftpd/ftpaccess
On HP-UX 11i:
#cp /usr/newconfig/etc/ftpd/examples/ftpaccess /etc/ftpd/ftpaccess
The FTP daemon will not use the configuration file until the /etc/inetd.conf file is edited to include the following:
ftp stream tcp nowait root /usr/lbin/ftpd ftpd -a /etc/ftpd/ftpaccess
Replacing the lowercase ├в a├в with the uppercase ├в A├в will disable the use of the FTP configuration file. For the Internet Daemon to read this new configuration setting, you must run inetd with the ├в -c├в option. (inetd ├в c). The following are examples of a few of the options available in the configuration file:
noretrieve:
Example:
noretrieve /etc/passwd /etc/group core .netrc .rhosts
Description:
Files listed after the noretrieve option are files that cannot be retrieved with FTP. When only the file name is specified (as with core, .netrc, and .rhosts), then no files on the system with that name can be retrieved. When the full pathname is used (as in /etc/passwd and /etc/group), that specific file cannot be retrieved. In this example, /etc/passwd could not be retrieved but a file named /tmp/passwd or /etc/passwd.old could be retrieved.
deny:
Example:
deny ctg500g /etc/ftpd/ctg500g_denymsg
Description:
The deny option is used to deny access to a particular host or a group of hosts. In addition, a message can be displayed to the client attempting FTP access. The ├в !nameserved├в parameter can also be used as the hostname to prohibit access to sites who do not have a working nameserver. Note that the parameter ends in ├в d├в , not ├в r├в .
loginfails:
Example:
loginfails 2
Description:
The loginfails option is used to limit the number of FTP login attempts before the connection is terminated. The default value is 5
Regards
Sunny
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-06-2009 06:49 AM
тАО10-06-2009 06:49 AM
Re: ftp acccess for users
I'm lost. I have the /etc/ftpd/ftpaccess file in place. I don't want to deny any users access. I just want to restrict users to one directory on the system. Do I use the noretrieve option? Thanks for the quick responses!
Yesterday was the first day of the rest of your life
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-06-2009 07:07 AM
тАО10-06-2009 07:07 AM
Re: ftp acccess for users
Hi
For that you can use
noretrieve:
Example:
noretrieve /etc/passwd /etc/group core .netrc .rhosts
Description:
Files listed after the noretrieve option are files that cannot be retrieved with FTP. When only the file name is specified (as with core, .netrc, and .rhosts), then no files on the system with that name can be retrieved. When the full pathname is used (as in /etc/passwd and /etc/group), that specific file cannot be retrieved. In this example, /etc/passwd could not be retrieved but a file named /tmp/passwd or /etc/passwd.old could be retrieved
Regards
Sunny
For that you can use
noretrieve:
Example:
noretrieve /etc/passwd /etc/group core .netrc .rhosts
Description:
Files listed after the noretrieve option are files that cannot be retrieved with FTP. When only the file name is specified (as with core, .netrc, and .rhosts), then no files on the system with that name can be retrieved. When the full pathname is used (as in /etc/passwd and /etc/group), that specific file cannot be retrieved. In this example, /etc/passwd could not be retrieved but a file named /tmp/passwd or /etc/passwd.old could be retrieved
Regards
Sunny
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-06-2009 07:28 AM
тАО10-06-2009 07:28 AM
Solution
> I'm lost.
It's all the helpful advice.
If you wish to confine users to some
particular directory, then you can make them
"guest" users. "man ftpd", look for "guest".
It's much like anonymous FTP, but with real
log-in info.
A Forum search for keywords like
ftp guest
or
ftp chroot
should find (far too) many previous similar
discussions.
It's all the helpful advice.
If you wish to confine users to some
particular directory, then you can make them
"guest" users. "man ftpd", look for "guest".
It's much like anonymous FTP, but with real
log-in info.
A Forum search for keywords like
ftp guest
or
ftp chroot
should find (far too) many previous similar
discussions.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-06-2009 07:44 AM
тАО10-06-2009 07:44 AM
Re: ftp acccess for users
I will check previous posts -Thanks
Yesterday was the first day of the rest of your life
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.
News and Events
Support
© Copyright 2024 Hewlett Packard Enterprise Development LP