HPE Community
Operating System - HP-UX
1838594 Members
4017 Online
110128 Solutions
New Discussion

HPUX 11i ftp jailing

 
Jayson Hurd_2
Advisor

‎11-03-2003 02:18 AM

‎11-03-2003 02:18 AM

HPUX 11i ftp jailing

I am trying to create an ftp account that is 'jailed' to a specific directory. Basically I want the user to log in via ftp and see /home/ftpuser as "/". They do not need to log in via ssh or telnet. I see there is this 'chroot' command, but it does not make sense for what I am trying to do. How do I accomplish this?
Most things worth having don't come easily.
0 Kudos
Reply
3 REPLIES 3
Steven E. Protter
Exalted Contributor

‎11-03-2003 02:25 AM

‎11-03-2003 02:25 AM

Re: HPUX 11i ftp jailing

choot jail makes a great deal of sense for this type of situation.

It keep the user from stepping up to root and obtaining configuration informaion on the server.

Always a good idea.

A discussion:
http://docs.hp.com/cgi-bin/fsearch/framedisplay?top=/hpux/onlinedocs/5187-2216/5187-2216_top.html&con=/hpux/onlinedocs/5187-2216/00/01/113-con.html&toc=/hpux/onlinedocs/5187-2216/00/01/113-toc.html&searchterms=chroot%7cjail%7cftp&queryid=20031103-082116

You set the user shell to /sbin/false and you add chroot() to the ftpacess file for that user.

SEP

Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
0 Kudos
Reply
Dave La Mar
Honored Contributor

‎11-03-2003 07:44 AM

‎11-03-2003 07:44 AM

Re: HPUX 11i ftp jailing

Jayson -
Attached is the documentation we use to set up a restricted ftp user.
I think you'll find what you need here.

Regards,
dl
"I'm not dumb. I just have a command of thoroughly useless information."
0 Kudos
Reply
James A. Donovan
Honored Contributor

‎11-03-2003 10:30 AM

‎11-03-2003 10:30 AM

Re: HPUX 11i ftp jailing

http://www.wu-ftpd.org/HOWTO

check out the guestgroup/guest-root/restricted-uid directives for the ftpaccess file.
Remember, wherever you go, there you are...
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.