FTPD

NAME

SYNOPSIS

DESCRIPTION

Available options:

-d

Debugging information is written to the syslog using LOG_FTP.

-l

Each successful and failed ftp(1) session is logged using syslog with a facility of LOG_FTP. If this option is specified twice, the retrieve (get), store (put), append, delete, make directory, remove directory and rename operations and their filename arguments are also logged.

-A

Only anonymous login is allowed.

-D

ftpd enters daemon-mode. That allows ftpd to be run without inetd.

-q

Quiet mode. No information about the version of the ftpd is given to the client.

-T

A client may also request a different timeout period; the maximum period allowed may be set to timeout seconds with the -T option. The default limit is 2 hours.

-t

The inactivity timeout period is set to timeout seconds (the default is 15 minutes).

-a

Give anonymous an other login-name (anonymous and ftpd will still work).

The file /etc/nologin can be used to disable ftp access. If the file exists, ftpd displays it and exits. If the file /etc/ftpwelcome exists, ftpd prints it before issuing the ``ready'' message. If the file /etc/motd exists, ftpd prints it after a successful login.

The ftp server currently supports the following ftp requests. The case of the requests is ignored.

Request Ta Description

ABOR Ta abort previous command

ACCT Ta specify account (ignored)

ALLO Ta allocate storage (vacuously)

APPE Ta append to a file

CDUP Ta change to parent of current working directory

CWD Ta change working directory

DELE Ta delete a file

HELP Ta give help information

LIST Ta give list files in a directory (``ls -lgA '' )

MKD Ta make a directory

MDTM Ta show last modification time of file

MODE Ta specify data transfer mode

NLST Ta give name list of files in directory

NOOP Ta do nothing

PASS Ta specify password

PASV Ta prepare for server-to-server transfer

PORT Ta specify data connection port

PWD Ta print the current working directory

QUIT Ta terminate session

REST Ta restart incomplete transfer

RETR Ta retrieve a file

RMD Ta remove a directory

RNFR Ta specify rename-from file name

RNTO Ta specify rename-to file name

SITE Ta non-standard commands (see next section)

SIZE Ta return size of file

STAT Ta return status of server

STOR Ta store a file

STOU Ta store a file with a unique name

STRU Ta specify data transfer structure

SYST Ta show operating system type of server system

TYPE Ta specify data transfer type

USER Ta specify user name

XCUP Ta change to parent of current working directory (deprecated)

XCWD Ta change working directory (deprecated)

XMKD Ta make a directory (deprecated)

XPWD Ta print the current working directory (deprecated)

XRMD Ta remove a directory (deprecated)

The following non-standard or UNIX specific commands are supported by the SITE request.

Request Ta Description

UMASK Ta change umask, e.g. ``SITE UMASK 002''

IDLE Ta set idle-timer, e.g. ``SITE IDLE 60''

CHMOD Ta change mode of a file, e.g. ``SITE CHMOD 755 filename''

HELP Ta give help information.

The remaining ftp requests specified in Internet RFC 959 are recognized, but not implemented. MDTM and SIZE are not specified in RFC 959, but will appear in the next updated FTP RFC.

The ftp server will abort an active file transfer only when the ABOR command is preceded by a Telnet "Interrupt Process" (IP) signal and a Telnet "Synch" signal in the command Telnet stream, as described in Internet RFC 959. If a STAT command is received during a data transfer, preceded by a Telnet IP and Synch, transfer status will be returned.

Ftpd interprets file names according to the ``globbing'' conventions used by csh(1). This allows users to utilize the metacharacters ``*?[]{}~ ''

Ftpd authenticates users according to three rules.

1. The login name must be in the password data base, /etc/passwd and not have a null password. In this case a password must be provided by the client before any file operations may be performed.
2. The login name must not appear in the file /etc/ftpusers
3. The user must have a standard shell returned by getusershell(3).
4. If the user name is ``anonymous'' or ``ftp'' an anonymous ftp account must be present in the password file (user ``ftp )'' In this case the user is allowed to log in by specifying any password (by convention an email address for the user should be used as the password).

In the last case, ftpd takes special measures to restrict the client's access privileges. The server performs a chroot(2) to the home directory of the ``ftp'' user. In order that system security is not breached, it is recommended that the ``ftp'' subtree be constructed with care, following these rules:

~ftp

Make the home directory owned by ``root'' and unwritable by anyone.

~ftp/bin

Make this directory owned by ``root'' and unwritable by anyone (mode 555). The program ls(1) must be present to support the list command. This program should be mode 111.

~ftp/etc

Make this directory owned by ``root'' and unwritable by anyone (mode 555). The files passwd(5) and group(5) must be present for the ls command to be able to produce owner names rather than numbers. The password field in passwd is not used, and should not contain real passwords. The file motd if present, will be printed after a successful login. These files should be mode 444.

~ftp/pub

Make this directory mode 777 and owned by ``ftp'' Guests can then place files which are to be accessible via the anonymous account in this directory.

FILES

/etc/ftpusers

List of unwelcome/restricted users.

/etc/ftpwelcome

Welcome notice.

/etc/motd

Welcome notice after login.

/etc/nologin

Displayed and access refused.

SEE ALSO

BUGS

HISTORY

Index

NAME

SYNOPSIS

DESCRIPTION

FILES

SEE ALSO

BUGS

HISTORY