HPE Community
Operating System - HP-UX
1825678 Members
3548 Online
109686 Solutions
New Discussion

restrict ftp

 
Jose Ramirez_6
Advisor

‎11-05-2002 11:30 AM

‎11-05-2002 11:30 AM

restrict ftp

good mornig.

I had problem when used the file ftpaccess,

I need to create an user, for example cdf, with the same caracteristic as the user anonymous.

thank you for help me.
JRM.
jose ramirez
0 Kudos
Reply
6 REPLIES 6
Christopher McCray_1
Honored Contributor

‎11-05-2002 11:55 AM

‎11-05-2002 11:55 AM

Re: restrict ftp

Hello,

First, create an account (cdf) and give it a unique group id (i.e guestgroup).

In your ftpaccess file, create a class for this user and insert the guestgroup line:

class interfaces guest or , etc.

guestgroup

Then edit your /etc/passwd to giv it a chrooted home dir:

cdf:*:123:456::/home/cdf/./:/bin/false (make sure the default shell is present in /etc/shells.

Then make any appropriate entries in ftpaccess:

upload /home/cdf /incoming yes cdf 0660 dirs
upload /home/cdf / no

Also, mkdir usr/bin under the user's home directory and copy /usr/bin/ls into it and make $HOME/usr $HOME/usr/bin and $HOME/usr/bin/ls 555 permissions.

In case I forgot anything, look at these docs:

http://www2.itrc.hp.com/service/cki/docDisplay.do?docLocale=en_US&docId=200000062906536

http://www2.itrc.hp.com/service/cki/docDisplay.do?docLocale=en_US&docId=200000063248362

Others may be obtained using the keywords "ftpaccess" and "ftp only"

Hope this helps

Chris
It wasn't me!!!!
0 Kudos
Reply
Jose Ramirez_6
Advisor

‎11-05-2002 12:43 PM

‎11-05-2002 12:43 PM

Re: restrict ftp

I have done the change in the configuration and when i execute the command ftp with the user cdf the system reply with

550 Can't set guest privileges.

thank you for help me.
jose ramirez
0 Kudos
Reply
john korterman
Honored Contributor

‎11-06-2002 02:26 AM

‎11-06-2002 02:26 AM

Re: restrict ftp

Hi,
can send your ftpaccess file as attachment?
And also show the config line for the cdf user from /etc/passwd?

regards,
John K.
it would be nice if you always got a second chance
0 Kudos
Reply
Rita C Workman
Honored Contributor

‎11-06-2002 04:58 AM

‎11-06-2002 04:58 AM

Re: restrict ftp

Christopher has everything perfect...except one little problem.

Do not use usr/bin/ls...

Instead copy /sbin/ls to /home/cdb/usr/bin and then chmod it.

Rgrds,
Rita


0 Kudos
Reply
Rita C Workman
Honored Contributor

‎11-06-2002 04:59 AM

‎11-06-2002 04:59 AM

Re: restrict ftp

Christopher has everything perfect...except one little problem.

Do not use usr/bin/ls...

Instead copy /sbin/ls to /home/cdf/usr/bin and then chmod it.

Rgrds,
Rita


0 Kudos
Reply
Christopher McCray_1
Honored Contributor

‎11-06-2002 05:44 AM

‎11-06-2002 05:44 AM

Re: restrict ftp

Hello again,

What does your line for ftpd say in /etc/inetd.conf?

ftp stream tcp nowait root /usr/local/bin/tcpd ftpd -l -v -a -L -i -o

(keep in mind I'm using tcp wrappers, so your line might say ftpd instead of tcpd)

Have you tried bouncing inetd?

# inetd -c

Could you please post your ftpaccess file as requested before?

Chris
It wasn't me!!!!
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.