HPE Community
Operating System - HP-UX
1824976 Members
3861 Online
109678 Solutions
New Discussion юеВ

ftpaccess and ftpd

 
SOLVED
Go to solution
Thayanidhi
Honored Contributor

тАО09-13-2005 07:29 PM

тАО09-13-2005 07:29 PM

ftpaccess and ftpd

Hi,

I just want disable some users from using ftp, without changing any current functionality.
Can some one post the entries to be kept in ftpaccess and modification to inetd.conf?

Right now no ftpaccess file.

Regds
TT
Attitude (not aptitude) determines altitude.
0 Kudos
11 REPLIES 11
Orhan Biyiklioglu
Respected Contributor

тАО09-13-2005 07:34 PM

тАО09-13-2005 07:34 PM

Re: ftpaccess and ftpd

http://newfdawg.com/SHP-FTP-ftpaccess.htm

"Securing the FTP service on HP-UX: Introduction to the ftpaccess file"

is a good source about this topic.
0 Kudos
Orhan Biyiklioglu
Respected Contributor

тАО09-13-2005 07:43 PM

тАО09-13-2005 07:43 PM

Re: ftpaccess and ftpd

You should also check the ftphots file.
man 4 ftphots

Its format is like:

[allow|deny] username host(s)

So,

deny root *

should deny root login from anywhere.
0 Kudos
Orhan Biyiklioglu
Respected Contributor

тАО09-13-2005 07:44 PM

тАО09-13-2005 07:44 PM

Re: ftpaccess and ftpd

Sorry for the typo the file should be ftphosts
0 Kudos
Sergejs Svitnevs
Honored Contributor

тАО09-13-2005 07:46 PM

тАО09-13-2005 07:46 PM

Re: ftpaccess and ftpd

Hi,

You can prohibit incoming incoming ftp from a specific IP address (deny option in ftpaccess).
Use of ftpaccess is disabled by default. To enable ftpaccess, set "ftpd -a" flag in inetd.conf, then "inetd -c".

I suggest you download WU-FTPD from software.hp.com and do this here with a combination of the /etc/shells, /etc/group, and ftpaccess files.

Regards,
Sergejs
0 Kudos
Raj D.
Honored Contributor

тАО09-13-2005 07:49 PM

тАО09-13-2005 07:49 PM

Re: ftpaccess and ftpd

Hi Thayanidhi ,

You can check the /etc/ftpd/ftpaccess file for details.
Attached.

Cheers,
Raj.
" If u think u can , If u think u cannot , - You are always Right . "
0 Kudos
Muthukumar_5
Honored Contributor

тАО09-13-2005 08:01 PM

тАО09-13-2005 08:01 PM

Re: ftpaccess and ftpd

If you want to disable useraccounts to use ftp then you have to choose ftphosts file only.

# cat /etc/ftpd/ftphosts
username

# chmod 444 /etc/ftpd/ftphosts
# chown bin:bin /etc/ftpd/ftphosts

You can use another method as,

#!/bin/ksh
#ftpnew.ksh
if [ "$LOGNAME" = "" ]
then
echo "No Access to other users for using ftp"
sleep 1
fi

chmod 755 /usr/bin/ftpnew.ksh
chown bin:bin /usr/bin/ftpnew.ksh
alias ftp=/usr/bin/ftpnew.ksh

hth.
Easy to suggest when don't know about the problem!
0 Kudos
Arunvijai_4
Honored Contributor

тАО09-13-2005 08:25 PM

тАО09-13-2005 08:25 PM

Solution

Re: ftpaccess and ftpd

Create a file called "ftpusers" in /etc/ftpd and chown bin:bin. Enter the usernames you want to disable access from using FTP.

#cat /etc/ftpd/ftpusers
root
abcd

Here, root and abcd cant access FTP.

-Arun
"A ship in the harbor is safe, but that is not what ships are built for"
0 Kudos
Matthew_50
Valued Contributor

тАО09-13-2005 08:39 PM

тАО09-13-2005 08:39 PM

Re: ftpaccess and ftpd

modify inetd.conf is not require.
1. touch /etc/ftpd/ftpusers
2. for example, user 'root'&'matt' is not allow to access system via ftp login, then
place like following in /etc/ftpd/ftpusers.

------------ example ---------------------
# cat /etc/ftpd/ftpusers
root
matt
------------ example ---------------------
0 Kudos
Muthukumar_5
Honored Contributor

тАО09-13-2005 08:39 PM

тАО09-13-2005 08:39 PM

Re: ftpaccess and ftpd

/etc/ftpd/ftpusers file useful when you want to control remote machine user login to local ftpd server.

-- Plz look at ftpusers man page --

ftpd rejects remote logins to local user accounts that are named in /etc/ftpd/ftpusers.


If you want to control ftp client access to users then you have to use script wrapper on ftp binary to use it.

hth.
Easy to suggest when don't know about the problem!
0 Kudos
morganelan
Trusted Contributor

тАО09-13-2005 08:42 PM

тАО09-13-2005 08:42 PM

Re: ftpaccess and ftpd

Follow this link:
http://forums1.itrc.hp.com/service/forums/questionanswer.do?threadId=842075
Kamal Mirdad
0 Kudos
Thayanidhi
Honored Contributor

тАО09-13-2005 11:52 PM

тАО09-13-2005 11:52 PM

Re: ftpaccess and ftpd

Hi,
Thanks all for the reply. I go with ftpusers, which is very easy without changing anything else.

Regds
TT
Attitude (not aptitude) determines altitude.
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.