HPE Community
Operating System - HP-UX
1832973 Members
2580 Online
110048 Solutions
New Discussion

Re: ftponly account with other ftp accounts

 
rana786
Regular Advisor

‎01-25-2006 08:43 PM

‎01-25-2006 08:43 PM

ftponly account with other ftp accounts

Hi all,
I have some ftp users with telnet facility in a HP-UX system. Now I need a few ftp-only users in the same system under a specified directory. I created ftp-only user successfully. But the problem is after creation of ftp-only user adding a flag to the ftpd daemon, only ftp-only user can access the system other ftp user can not access to the system.

How can existboth type of users?
Walker_dhk
0 Kudos
8 REPLIES 8
Paul Sperry
Honored Contributor

‎01-26-2006 08:15 AM

‎01-26-2006 08:15 AM

Re: ftponly account with other ftp accounts

I'd create the users all the same but give the ftp only users no shell access.
0 Kudos
Ivan Ferreira
Honored Contributor

‎01-26-2006 08:58 AM

‎01-26-2006 08:58 AM

Re: ftponly account with other ftp accounts

What is the flag that you added?. If your ftp server is wu-ftp, use the -a and configure ftpaccess to restrict the account to be chrooted. You can use /usr/bin/false as the shell for the user to avoid interactive access.
Por que hacerlo dificil si es posible hacerlo facil? - Why do it the hard way, when you can do it the easy way?
0 Kudos
Devesh Pant_1
Esteemed Contributor

‎01-26-2006 10:18 AM

‎01-26-2006 10:18 AM

Re: ftponly account with other ftp accounts

Hello rana786
What we do is add the following to the profile say if you want ids abcde and fghij to be ftp only

if [[ `logname` = abcde ]] || [[ `logname` = fghij ]]
then
clear
echo "****************************"
echo "Unauthorized login. Login to id `logname` allowed via ftp or su only."
echo "*****************************"
echo " "
echo "GOODBYE"
echo "*****************************"
kill -9 $$
fi

This should do the trick

thanks
DP
0 Kudos
rana786
Regular Advisor

‎01-26-2006 04:07 PM

‎01-26-2006 04:07 PM

Re: ftponly account with other ftp accounts

Hi all,

I want to create FTP only users and those ftp only users not to change directories. I have created ftp only users and had included the -a option with the ftpd in the inetd.conf file. After adding -a option ftp only users are able to ftp and for other
the access to ftp is restricted (unable to access). So I have removed the -a option and now the FTP only user can move to other directories other than his home directory. I do not want this. I need to co-exist both normal ftp user and ftp-only user.

Rgds,
Mostafa
Walker_dhk
0 Kudos
Muthukumar_5
Honored Contributor

‎01-26-2006 07:18 PM

‎01-26-2006 07:18 PM

Re: ftponly account with other ftp accounts

Try this method:

/etc/inetd.conf
ftp stream tcp nowait root /usr/lbin/ftpd ftpd -l


vi /etc/passwd
Put this contents,

guest1::100:92:Guest Account:/ftp/:/etc/ftponly

Change guest1 to your account name. Change /ftp to some directory.

vi /etc/shells
/etc/ftponly
/sbin/sh


Try now. It will work.

--
Muthu
Easy to suggest when don't know about the problem!
0 Kudos
Arunvijai_4
Honored Contributor

‎01-26-2006 07:22 PM

‎01-26-2006 07:22 PM

Re: ftponly account with other ftp accounts

Hello,

1) Create a new group "ftponly"
2) Create a new account belonging to this group "ftpuser"
3) Give it a NON shell like /usr/bin/false
4) Put the NON shell in /etc/shel
5) Edit /etc/ftpd/ftpaccess following "man ftpaccess" instruction

-Arun
"A ship in the harbor is safe, but that is not what ships are built for"
0 Kudos
Darrel Louis
Honored Contributor

‎01-26-2006 07:50 PM

‎01-26-2006 07:50 PM

Re: ftponly account with other ftp accounts

Hi,

You need to configure your ftpaccess file and in there you can specify the directory and permissions the file should have.

When adding the users specify the directory location were they will put the data e.g:
ftpuser:*:999:999: Ftp users:/data/ftp/load/./:/usr/bin/false

Your inetd.conf should be modified:
Start ftpd with the -a option.
ftp stream tcp nowait root /usr/lbin/ftpd ftpd -l -a

GoodLuck

Darrel
0 Kudos
rana786
Regular Advisor

‎01-30-2006 08:42 PM

‎01-30-2006 08:42 PM

Re: ftponly account with other ftp accounts

Its ok.
Walker_dhk
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.