- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- ftp access directory restriction on 10.20
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Forums
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-07-2001 04:21 AM
06-07-2001 04:21 AM
ftp access directory restriction on 10.20
I need to create two users that can ftp into the system (10.20) and only see one directory. I don't want them to be able to move around in the system at all. They only need to see if their files are in the one directory that they have access to.
I've read a lot on restricted shell, but I've also seen some info on ftpaccess. In 10.20, what is the best way to do this?
Thanks in advance.
-Rob
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-07-2001 04:32 AM
06-07-2001 04:32 AM
Re: ftp access directory restriction on 10.20
To configure FTP look at:
http://docs.hp.com/hpux/onlinedocs/B2355-90685/B2355-90685.html
regards,
MB
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-07-2001 04:35 AM
06-07-2001 04:35 AM
Re: ftp access directory restriction on 10.20
http://forums.itrc.hp.com/cm/QuestionAnswer/1,1150,0xd5ab53921f1ad5118fef0090279cd0f9,00.html
Regards,
Rita
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-07-2001 04:46 AM
06-07-2001 04:46 AM
Re: ftp access directory restriction on 10.20
Here is the info you needed in order to create a "guest login".
How to setup Guest accounts
There are three kinds of logins provided WU-FT:
* anonymous FTP
* real FTP
* guest FTP
Guest accounts require explicit user entries in the system /etc/passwd
file but performs a chroot to a designated directory, thus maintaining
security and integrity.
Steps to be followed:
1. Make the edits to the /etc/passwd file by adding users:
ftpguest:4rL2HZkDatENY:505:125::/home/ftp/ftpguest/./:/usr/bin/false
'.' is the delimiter to determine where the chroot will be performed. In
this example, after logging in '/' will in effect be /home/ftp/ftpguest.
If the delimiter was placed between ftp and ftpguest then '/' would be
/home/ftp ftpguest was used as the account name in this example but you
could use any name you like.
2. /usr/bin/false will have to be added to the /etc/shells file.
See man(4) shells for further details
3. Make the edits to the /etc/group file
ftpgroup::125:ftpguest
- Create and set the permissions and ownership for the directory
(/home/ftp/ftpguest) to what suits you best.
4. Add an entry into the ftpaccess file. This file will most probably have
to
be copied from the /usr/newconfig/etc/ftpd/ftpaccess to /etc/ftpd/ftpaccess.
Add a guestgroup entry (in the /etc/ftpd/ftpaccess file) to allow a group
of users to be treated as 'guests'. This entry will correspond to the entry
in the /etc/group file. Here is a sample of the ftpaccess file to use guest
groups.
# specify which group of users will be treated as "guests".
guestgroup ftpgroup
5. Edit the /etc/inetd.conf file and add the '-a' option to enable ftpd to
use the ftpaccess file. Here is an example;
ftp stream tcp nowait root /usr/lbin/ftpd ftpd -l -a
You will need to reconfigure inetd by running /usr/sbin/inetd -c to
reread the /etc/inetd.conf file after making the change.
6. Since this is similar to anonymous FTP in the respect that you are in a
chrooted area (the path to / is different than on your system) you will
also have to replicate the /usr/bin and /etc directories. The easiest way
to do this is to use SAM to create an anonymous FTP setup and then replicate
the /etc & /usr/bin directories into your ftp guest root directory. Here
is an example of how you would replicate the ~ftp/usr and ~ftp/etc directory
to your new ftp guest directory. We use the ftpguest user in this example.
cp -R ~ftp/usr ~ftpguest/usr
cp -R ~ftp/etc ~ftpguest/etc
At this point you should have the files and programs needed for your
ftpguest user.
** This is dependent upon where the '.' delimiter has been positioned. If
the delimiter is positioned prior to the ftp username then only the root
directory (/home/ftp) needs to contain a /usr & /etc directory structure.
If the delimiter is placed post the username then each individual user
will require this directory structure.
** NOTE: When providing the 'ls' command, use /sbin/ls, not /usr/bin/ls.
7. Another thing I noticed is that you must touch the file
/etc/ftpd/ftpgroups.
If you do not, you will see messages in syslog.log indicating that ftpd
could
not stat this file.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-07-2001 05:12 AM
06-07-2001 05:12 AM
Re: ftp access directory restriction on 10.20
If you need help on configuring wu_ftpd, see my doc at "http://www.invenioeng.com/systems/ftpd_faq.html"
Regards,
Shannon
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-07-2001 05:13 AM
06-07-2001 05:13 AM
Re: ftp access directory restriction on 10.20
And does anyone know where HP-UX 10.20 wu-ftpd installation instructions can be found?
Thanks.