HPE Community
Operating System - HP-UX
1832647 Members
2694 Online
110043 Solutions
New Discussion

Re: Ftp server configuration

 
SOLVED
Go to solution
Fabrizio_10
Frequent Advisor

‎10-24-2002 06:16 AM

‎10-24-2002 06:16 AM

Ftp server configuration

Hello,

I tried to configure my ftp server ((FTP server (Version 1.1.214.4(PHNE_23950))without succes regarding chroot user.
I would like to create only an ftp access, without shell, for user pro. I've just added /usr/bin/false to my /etc/shells and after I've added the user with /usr/bin/false shell.

Now, I wuold like to chroot this user only to his directory /home/pro .
Could someone sugget me how to do it?

Thanks a lot
0 Kudos
Reply
6 REPLIES 6
Christopher McCray_1
Honored Contributor

‎10-24-2002 06:25 AM

‎10-24-2002 06:25 AM

Re: Ftp server configuration

You need to use the ftpaccess file (man ftpaccess), if you are using HP-UX 11.00 or higher (wu-ftp if 10.20), for the directory access issue. Other than that you have in essence an ftp only account because you have /usr/bin/false as their default shell.

Check out these docs:

http://www1.itrc.hp.com/service/cki/docDisplay.do?docLocale=en_US&docId=200000063248362

http://www1.itrc.hp.com/service/cki/docDisplay.do?docLocale=en_US&docId=200000062906536

http://www1.itrc.hp.com/service/cki/docDisplay.do?docLocale=en_US&docId=200000062909155

A generic ftpaccess file is in /usr/newconfig/etc/ftpd . You can use it to customize to your environment.

Hope this helps
Chris
It wasn't me!!!!
0 Kudos
Reply
Yogeeraj_1
Honored Contributor

‎10-24-2002 06:38 AM

‎10-24-2002 06:38 AM

Re: Ftp server configuration

hi,

i had a similar post a few month ago.

please see:
http://forums.itrc.hp.com/cm/QuestionAnswer/1,,0xfcc491ccb36bd611abdb0090277a778c,00.html

or
take a look at the thread below on how to setup ftpaccess on your system.

http://us-support.external.hp.com/cki/bin/doc.pl/sid=f3889157083aef0a6e/screen=ckiDisplayDocument?docId=500000000092476


Hope this helps!

Regards
Yogeeraj
No person was ever honoured for what he received. Honour has been the reward for what he gave (clavin coolidge)
Reply
Fabrizio_10
Frequent Advisor

‎10-24-2002 07:34 AM

‎10-24-2002 07:34 AM

Re: Ftp server configuration

Hi again,

here's my ftpaccess.

...
# cdpath
cdpath /incoming
cdpath /pub
cdpath /

...
guestgroup ict

and this is my /etc/passwd related to chroot user:

pro:"password":6071:3029::/bmd/input/./:/usr/bin/false

When I logged with pro users I see this:

Password:
230 User medpro logged in. Access restrictions apply.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> pwd
257 "/" is current directory.

But the directory should be /bmd/input and not / .

My /etc/shells contains all type shell, also /usr/bin/false.
My inetd was modified with -a option.
Thanks again!


0 Kudos
Reply
Fabrizio_10
Frequent Advisor

‎10-24-2002 07:49 AM

‎10-24-2002 07:49 AM

Re: Ftp server configuration

Oops sorry!
I forget a step in previous post:

I do it for chroot user:

mkdir usr
mkdir usr/bin
cp /usr/bin/ls usr/bin/ls
chmod -R 555 usr
chown -R bin:bin usr

but I see this error:

ftp> ls
200 PORT command successful.
150 Opening ASCII mode data connection for /usr/bin/ls.
crt0: ERROR couldn't open /usr/lib/dld.sl errno:000000002
226 Transfer complete.

Why ?
0 Kudos
Reply
Tom Danzig
Honored Contributor

‎10-24-2002 08:03 AM

‎10-24-2002 08:03 AM

Solution

Re: Ftp server configuration

When copying the ls binary, use /sbin/ls, not /usr/bin/ls. the former is not dynamicly linked.
Reply
Fabrizio_10
Frequent Advisor

‎10-24-2002 08:13 AM

‎10-24-2002 08:13 AM

Re: Ftp server configuration

Thank you Tom & others, now ftp server, works fine with chroot.

Regards,
Fabrizio
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.