HPE Community
Operating System - HP-UX
1837971 Members
3536 Online
110124 Solutions
New Discussion

ftp issue

 
常有慈悲心
Regular Advisor

‎08-14-2003 07:43 PM

‎08-14-2003 07:43 PM

ftp issue

How i can disable ftp access of root ,and others account can ftp libertily ?
0 Kudos
Reply
5 REPLIES 5
twang
Honored Contributor

‎08-14-2003 07:55 PM

‎08-14-2003 07:55 PM

Re: ftp issue

On a secure system, these users should be inserted into the /etc/ftpd/ftpusers file. Remove 'root' entry to disable root to use ftp:

# cat /etc/ftpd/ftpusers
operator
root (remove it)
daemon
bin
sys
adm
uucp
lp
nuucp
hpdb
www
#

If your /etc/ftpd/ftpusers is blank, insert the other users into it.
0 Kudos
Reply
Con O'Kelly
Honored Contributor

‎08-14-2003 07:58 PM

‎08-14-2003 07:58 PM

Re: ftp issue

Hi


Put root entry in
/etc/ftpd/ftpusers file.

Any login name listed in ftpusers is DISABLED from using ftp.

Cheers
Con
0 Kudos
Reply
Keith Bevan_1
Trusted Contributor

‎08-15-2003 12:36 AM

‎08-15-2003 12:36 AM

Re: ftp issue

You may find additional useful ftp information on the man pages.

Just type :-

man ftpusers

man ftpaccess


Keith
You are either part of the solution or part of the problem
0 Kudos
Reply
Tim Adamson_1
Honored Contributor

‎08-15-2003 12:58 AM

‎08-15-2003 12:58 AM

Re: ftp issue

Add root to the /etc/ftpd/ftpusers file.

If root is in that file, root can not ftp to that server.


Tim
Yesterday is history, tomorrow is a mystery, today is a gift. That's why it's called the present.
0 Kudos
Reply
RolandH
Honored Contributor

‎08-15-2003 03:38 AM

‎08-15-2003 03:38 AM

Re: ftp issue

If you want prevent root user to ftp to your system than create a file /etc/shells.

put in all shells which are used from users.

ie.

# cat /etc/shells
/usr/bin/ksh
/usr/bin/sh
/usr/bin/csh
/usr/bin/tcsh
/usr/local/bin/bash

All these users, who are using these shells are able to do ftp to your system. the root user has always /sbin/sh shell. This shell is missing in /etc/shells in my example so root can not ftp to your system.

If you have more than one root accounts (in some admin areas configured) like this:

root:XXXXXXXXXXX:0:3::/:/sbin/sh
RolandH:XXXXXXXXXXX:0:3::/:/sbin/sh

Then the account RolandH is not able to do ftp to your system, too. You must not add these user to /etc/ftpd/ftpusers.
/etc/shells must have only read rights and shoul belong to root:sys . All others are free to use ftp to this system.


HTH
Roland

Sometimes you lose and sometimes the others win
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.