- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- Re: ftpusers file
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Forums
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-21-2002 12:23 PM
10-21-2002 12:23 PM
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-21-2002 12:27 PM
10-21-2002 12:27 PM
Re: ftpusers file
ftp://ftp.porcupine.org/pub/security/index.html
Ted
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-21-2002 12:29 PM
10-21-2002 12:29 PM
Re: ftpusers file
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-21-2002 12:32 PM
10-21-2002 12:32 PM
Re: ftpusers file
You could use the ftpaccess file and setup a class of users that are allowed to ftp into the system.
JP
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-21-2002 12:48 PM
10-21-2002 12:48 PM
Re: ftpusers file
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-21-2002 12:50 PM
10-21-2002 12:50 PM
Re: ftpusers file
Can I create a class in ftpaccess file with real usernames like root or user1 other than the 3 keyword "real","guest,"anonymous" ? I tried that,but it seemed all ftp access was denied then.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-21-2002 01:01 PM
10-21-2002 01:01 PM
Re: ftpusers file
No, you have to specify a group in the ftpaccess file and not specific users. The good part about doing it that way is that you can control access to users through the /etc/group file and you don't have to modify the ftpaccess file everytime you add or delete a user.
JP
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-21-2002 01:12 PM
10-21-2002 01:12 PM
Re: ftpusers file
To define the group, is it a command in ftpaccess file called "group" or just use "class" command?
this is the class defination in my file:
class local real,guest,anonymous *.domain 0.0.0.0
class remote real,guest,anonymous *
it only accept one of the keyword like "real","guest","anonymous", how can I add a group ...
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-21-2002 06:15 PM
10-21-2002 06:15 PM
SolutionIn your example of the ftpaccess file:
class local real,guest,anonymous *.domain 0.0.0.0
class remote real,guest,anonymous *
You have defined two groups, 'local' and 'remote'. You can add entries in your /etc/group file for 'local' and 'remote' (just like any other group you would create there), and then associate user ids with either of those groups depending on the access you want to give. You have three choices for your type as you have noted. The 'real' type checks for the userid against /etc/passwd, so the user has to have an account on your system. The anonymous type will match users using anonymous ftp. The guest type acts like a mix of the previous two types. The guest user is validated against /etc/passwd for a valid user account, and then the user is chroot'd to a directory which you setup in the /etc/passwd home directory entry for that user. I setup a Linux ftp server using the ftpaccess method, and I'm using the guest type of accounts. It seems to work great.
Does that help? I know it seems a little strange at first, but once you get the hang of the ftpaccess layout it makes a little more sense. :)
JP
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-22-2002 06:02 AM
10-22-2002 06:02 AM
Re: ftpusers file
Gary
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-22-2002 06:05 AM
10-22-2002 06:05 AM
Re: ftpusers file
You're welcome. I'm glad I could help you. I'd much rather hear that I helped somebody solve a problem than to get a bunch of points! :)
JP
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-22-2002 07:27 AM
10-22-2002 07:27 AM
Re: ftpusers file
#!/sbin/sh
cp -p /etc/ftpd/ftpusers /etc/ftpd/ftpusers.old
/usr/bin/ypcat passwd | awk -F: '{ print $1 }' > /etc/ftpd/ftpusers
for user in $( /usr/bin/ypcat group | grep ftpallow /etc/group | awk -F: '{ print $4 }' | sed -e 's/,/ /g')
do
grep -v "^$user" /etc/ftpd/ftpusers > /etc/ftpd/ftpusers.new
cat /etc/ftpd/ftpusers.new > /etc/ftpd/ftpusers
rm /etc/ftpd/ftpusers.new
done
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-23-2002 01:13 AM
10-23-2002 01:13 AM
Re: ftpusers file
For TCP-wrapper,it'll give you how is allowed to login to the sever, how is deny. I think it's not a good idea,you need only to allow & deny some users.
So the best way is the following both files ftaccess en ftpusers.
Regards,
Hamdy
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-06-2002 07:56 AM
11-06-2002 07:56 AM
Re: ftpusers file
#ftphosts
#action user hostmask
accept root *
accept ftpuser *
deny * *
I don't really know if the deny all is needed, but this worked for me.