ftpd(1M) ftpd(1M)
NAME
ftpd - DARPA Internet File Transfer Protocol server
SYNOPSIS
/usr/lbin/ftpd [-l] [-p] [-v] [-t timeout] [-P] [-T maxtimeout]
[-u umask] [-U] [-K] [-B size] [-a | -A] [-L] [-i] [-o]
[-m number_of_tries] [-n nice_value] [-q | -Q] [-r rootdir] [-V]
[-w | -W] [-X] [-I] [-s | -S] [-c ctrlport] [-C dataport]
DESCRIPTION
ftpd is the DARPA Internet File Transfer Protocol server. It expects
to be run by the Internet daemon (see inetd(1M) and inetd.conf(4)).
inetd runs ftpd when a service request is received at the port
indicated in the ftp service specification in /etc/services (see
services(4)).
Options
ftpd recognizes the following options and command-line arguments.
-a Enables the use of the configuration file
/etc/ftpd/ftpaccess (see ftpaccess(4)).
-A Disables the use of the configuration file
/etc/ftpd/ftpaccess (see ftpaccess(4)).
-B size Sets the buffer size of the data socket to size
blocks of 1024 bytes. The valid range for size is
from 1 to 2097151 (default is 56). Note: A large
buffer size will improve the performance of ftpd
on fast links (e.g. FDDI), but may cause long
connection times on slow links (e.g. X.25).
Note: If the buffer size needs to be set to any
value other than multiples of 1024 bytes, use `B'
immediately after size without any space. The size
value will be taken in terms of bytes. For
example, to set the buffer size to a value equal
to "1500", use -B 1500B.
-c ctrlport
-C dataport Overrides the control and the data port numbers,
respectively, that are used by the daemon.
Normally, the daemon determines the port numbers
by looking in /etc/services (see services(4)) for
"ftp" and "ftp-data". If there is no
/etc/services entry for "ftp-data" and the -C
option is not specified, the daemon uses the port
just prior to the control connection port. The -c
and -C options are both available if running as a
standalone daemon. Otherwise, only the -C option
can be used.
Hewlett-Packard Company - 1 - HP-UX 11i Version 2: August 2003
-i Logs all files received by the ftpd server to
xferlog (see xferlog(5)). This option is
overridden by the /etc/ftpd/ftpaccess file (see
ftpaccess(4)).
-I Enables the use of RFC931 (AUTH/ident) to attempt
to determine the username on the client.
-K Applicable only in a secure environment based on
Kerberos V5. Causes access to be denied if
network authentication fails. See sis(5).
-l Causes each FTP session to be logged in the syslog
file.
-L Causes all commands sent to the ftpd server to be
logged to syslog. The -L option is overridden
by the /etc/ftpd/ftpaccess file (see
ftpaccess(4)). If the -L option is used, commands
are logged to syslog by default.
-m number_of_tries
Specifies the number of tries for a bind() socket
call.
-n nice_value Sets the nice value for an ftpd process. When
using this option, make sure that the nice clause
in the /etc/ftpd/ftpaccess file (see ftpaccess(4))
is not set.
-o Logs all files transmitted by ftpd to xferlog (see
xferlog(5)). It logs outgoing files from the ftpd
server. This option is overridden by the
/etc/ftpd/ftpaccess file (see ftpaccess(4)).
-p By default, ftpd does not allow a reserved port to
be used as the originating port on the client's
system, i.e., the PORT command cannot specify a
reserved port. This option allows the client to
specify a reserved port. Note that allowing the
use of reserved ports can result in the misuse of
ftpd; the security ramifications should be
understood before the option is turned on.
-P Enables third party transfer.
-q | -Q Determines whether the daemon uses the PID files.
These files are required by the limit directive to
determine the number of current users in each
access class. Disabling the use of the PID files
disables user limits. The default (-q) specifies
to use the PID files. Specify -Q to disable using
the PID files. The -Q option can be used when
testing the server as a normal user when access
permissions prevent the use of the PID files.
Large, busy sites which do not wish to impose
limits on the number of concurrent users may also
consider disabling the PID files.
-r rootdir Instructs the daemon to chroot (see chroot(2)) to
the specified rootdir immediately upon loading.
This can improve system security by limiting the
files which may be damaged should a break-in occur
through the daemon. This option is like anonymous
FTP. For this option to work properly additional
files may be needed under the specified rootdir,
which can vary from system to system.
-s | -S Runs the daemon in standalone operation mode. The
-S option runs the daemon in the background and is
useful in startup scripts during system
initialization (i.e., in rc.local). The -s option
leaves the daemon in foreground and is useful when
running from init (see init(1M)).
-t timeout Causes ftpd to timeout inactive sessions after
timeout seconds. By default, ftpd terminates an
inactive session after 15 minutes.
-T maxtimeout A client can also request a different timeout
period. The -T option sets the maximum timeout
that a client can request to maxtimeout seconds.
By default, the maximum timeout is 2 hours.
-u umask Change default ftpd umask from 027 to umask.
-U Disables the use of sendfile() and uses send() for
sending data. Use this option if the link cannot
handle more than one buffer per packet (e.g.
Gigabit Ethernet).
-v The debugging information is written to the syslog
file.
-V Causes the program to display copyright and
version information, then terminate.
-w | -W Determines whether the user logins are to be
recorded in the wtmps and btmps files. If the -W
option is specified, user logins are not recorded
in the wtmps or btmps file. The default (-w) is
used to record every login, logout, and bad login
attempt.
-X Specifies that the output created by the -i and -o
options is not saved to the xferlog file but saved
via syslog so that the output can be collected
from several hosts on one central loghost.
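The reserved-port rule behind the -p option, as an added Python example that is not part of ftpd or this manual page: it parses the PORT (RFC 959) and EPRT (RFC 2428) arguments a client sends and refuses reserved ports unless the equivalent of -p is in effect. It assumes the reserved range is ports below 1024 (the usual IPPORT_RESERVED value, which the page does not state).

```python
import ipaddress

IPPORT_RESERVED = 1024  # assumed boundary of the "reserved" port range

def parse_port_arg(arg):
    """PORT h1,h2,h3,h4,p1,p2 -> (ip, port); ValueError if malformed."""
    parts = arg.split(",")
    if len(parts) != 6:
        raise ValueError("PORT needs six comma-separated numbers")
    nums = []
    for p in parts:
        if not p.isdigit() or int(p) > 255:
            raise ValueError("PORT field out of range: %r" % p)
        nums.append(int(p))
    ip = ".".join(str(n) for n in nums[:4])
    return ip, nums[4] * 256 + nums[5]

def parse_eprt_arg(arg):
    """EPRT <d><proto><d><addr><d><port><d> (RFC 2428) -> (ip, port)."""
    if len(arg) < 2:
        raise ValueError("EPRT argument too short")
    fields = arg.split(arg[0])          # -> ['', proto, addr, port, '']
    if len(fields) != 5 or fields[0] or fields[4]:
        raise ValueError("EPRT delimiter layout is wrong")
    proto, addr, port = fields[1:4]
    if proto not in ("1", "2") or not port.isdigit():
        raise ValueError("EPRT protocol or port is not numeric")
    ip = ipaddress.ip_address(addr)     # raises ValueError on a bad address
    if (proto == "1") != (ip.version == 4):
        raise ValueError("EPRT protocol does not match the address family")
    if int(port) > 65535:
        raise ValueError("EPRT port out of range")
    return str(ip), int(port)

def data_port_allowed(cmd, arg, allow_reserved=False):
    """Return (ok, reason).  allow_reserved=True mirrors running ftpd -p."""
    try:
        if cmd.upper() == "PORT":
            ip, port = parse_port_arg(arg)
        elif cmd.upper() == "EPRT":
            ip, port = parse_eprt_arg(arg)
        else:
            return False, "not a data-port command: %s" % cmd
    except ValueError as e:
        return False, "malformed %s argument: %s" % (cmd.upper(), e)
    if port == 0:
        return False, "port 0 cannot be connected to"
    if port < IPPORT_RESERVED and not allow_reserved:
        return False, "reserved port %d refused (ftpd -p would allow it)" % port
    return True, "data connection to %s port %d accepted" % (ip, port)
```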
ftpd currently supports the following commands (uppercase and
lowercase are interpreted as equivalent):
Command Description
ABOR Abort previous command
ACCT Specify account (ignored)
ALLO Allocate storage (vacuously)
APPE Append to a file
CDUP Change to parent of current working directory
CWD Change working directory
DELE Delete a file
EPSV Sets the server to listen on a data port and wait
for a connection
EPRT Use extended address for data connection
HELP Give help information
LIST Give a list of files in a directory (ls -l)
LPRT Use long address for data connection
LPSV Sets the server to listen on a data port and wait
for a connection
MKD Make a directory
MDTM Show last modification time of file
MODE Specify data transfer mode
NLST Give name list of files in directory
NOOP Do nothing
PASS Specify password
PASV Prepare for server-to-server transfer
PORT Specify data connection port
PWD Print the current working directory
QUIT Terminate session
REST Restart incomplete transfer
RETR Retrieve a file
RMD Remove a directory
RNFR Specify rename-from file name
RNTO Specify rename-to file name
SITE Non-standard commands (see next section)
SIZE Return size of file
STAT Return status of server
STOR Store a file
STOU Store a file with a unique name
STRU Specify data transfer structure
SYST Show operating system type of server system
TYPE Specify data transfer type
USER Specify user name
XCUP Change to parent of current working directory
XCWD Change working directory
XMKD Make a directory
XPWD Print the current working directory
XRMD Remove a directory
The following commands are supported when ftpd is operating in a
secure environment which is based on Kerberos V5 (see sis(5)).
Command Description
AUTH Authentication/security mechanism
ADAT Authentication/security data
CCC Clear command channel
ENC Privacy protected command
MIC Integrity protected command
PROT Data channel protection level (level 'C' only)
PBSZ Protection buffer size (has no effect)
These commands are described in draft 8 of the FTP security
extensions.
The following non-standard or HP-UX specific commands are supported by
the SITE command:
Command Description
UMASK Change umask. (e.g., SITE UMASK 002)
IDLE Set idle-timer. (e.g., SITE IDLE 60)
CHMOD Change mode of a file. (e.g., SITE CHMOD 755
filename)
HELP Give help information. (e.g., SITE HELP)
NEWER List files newer than a particular date.
MINFO Works like SITE NEWER, but gives extra
information.
GROUP Request for special group access. (e.g., SITE
GROUP foo)
GPASS Give special group access password. (e.g., SITE
GPASS bar)
EXEC Execute a program. (e.g., SITE EXEC program
params)
For the SITE EXEC command, a program can only be executed if it has
been placed in the /etc/ftpd/ftp-exec directory. The program to be
executed must be either a binary program file or a valid shell script.
For example, given the following program:
cat /etc/ftpd/ftp-exec/hi.sh
#!/usr/bin/sh
echo hello
When we give the following SITE EXEC command:
ftp> site exec hi.sh
The output will be as follows:
200-hi.sh
200-hello
200 (end of 'hi.sh')
Note: The security of the system depends entirely on which binaries or
shell programs the administrator has placed in the directory
/etc/ftpd/ftp-exec. Making this functionality available to real users
who have shell access does not have any major security ramifications,
but for anonymous and guest users, who do not have shell access, it
does.
The remaining FTP requests specified in Internet RFC 959 are
recognized, but not implemented. MDTM and SIZE are not specified in
RFC 959, but are expected in the next updated FTP RFC.
The FTP server aborts an active file transfer only when the ABOR
command is preceded by a Telnet "Interrupt Process" (IP) signal and a
Telnet "Synch" signal in the command Telnet stream, as described in
Internet RFC 959. If ftpd receives a STAT command during a data
transfer, preceded by a Telnet IP and Synch, it returns the status of
the transfer.
ftpd interprets file names according to the "globbing" conventions
used by csh(1). This allows users to use the metacharacters *, .,
[, ], {, }, ~, and ?.
ftpd authenticates users according to three rules:
+ The user name must be in the password data base, /etc/passwd,
and not have a null password. The client must provide the
correct password for the user before any file operations can
be performed.
+ The user name must not appear in the file /etc/ftpd/ftpusers
(see ftpusers(4)).
+ The user must have a standard shell returned by
getusershell().
Optionally, a system administrator can permit public access or
"anonymous FTP." If this has been set up, users can access the
anonymous FTP account with the user name anonymous or ftp and any
non-null password (by convention, the client host's name). ftpd does
a chroot() to the home directory of user ftp, thus limiting anonymous
FTP users' access to the system. If the user name is anonymous or
ftp, an anonymous FTP account must be present in the password file
(user ftp). In this case the user is allowed to log in by specifying
any password (by convention this is given as the user's e-mail
address).
In order to permit anonymous FTP, there must be an entry in the
passwd(4) database for an account named ftp. The password field
should be *, the group membership should be guest, and the login shell
should be /usr/bin/false. For example (assuming the guest group ID is
10):
ftp:*:500:10:anonymous ftp:/home/ftp:/usr/bin/false
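The three login rules and the anonymous mapping above, as an added Python example that is not ftpd's own code: it applies them to constructed copies of the passwd database, /etc/ftpd/ftpusers and the getusershell() list (the password fields marked HASH are placeholders), and checks the ftp account against the recommended passwd entry. Actual password verification is left to pam_authenticate(), as the DEPENDENCIES section describes.

```python
ANONYMOUS_NAMES = ("anonymous", "ftp")
# constructed sample files; the HASH password fields are placeholders
SAMPLE_PASSWD = """\
root:HASH:0:3::/:/sbin/sh
alice:HASH:201:20:Alice:/home/alice:/usr/bin/sh
bob::202:20:Bob:/home/bob:/usr/bin/sh
carol:HASH:203:20:Carol:/home/carol:/usr/bin/ksh
ftp:*:500:10:anonymous ftp:/home/ftp:/usr/bin/false
"""
SAMPLE_FTPUSERS = "root\ncarol\n"
SAMPLE_SHELLS = ["/sbin/sh", "/usr/bin/sh", "/usr/bin/ksh", "/usr/bin/csh"]

def parse_passwd(text):
    """passwd(4) lines -> {name: (pw_field, uid, gid, home, shell)}."""
    users = {}
    for line in text.splitlines():
        f = line.split(":")
        if len(f) != 7 or line.startswith("#"):
            continue                      # skip comments and malformed lines
        users[f[0]] = (f[1], int(f[2]), int(f[3]), f[5], f[6])
    return users

def ftp_login_decision(user, passwd_text, ftpusers_text, user_shells):
    """Apply the three rules; returns (allowed, kind, reason)."""
    users = parse_passwd(passwd_text)
    if user in ANONYMOUS_NAMES:
        # anonymous access needs an ftp account; the client password is not
        # checked, and the session is chroot()ed to that account's home
        if "ftp" not in users:
            return False, None, "no ftp account in the passwd database"
        return True, "anonymous", "chroot() to %s" % users["ftp"][3]
    entry = users.get(user)
    if entry is None:
        return False, None, "user not in the passwd database"
    pw_field, _, _, _, shell = entry
    if pw_field == "":
        return False, None, "null password"
    denied = {l.strip() for l in ftpusers_text.splitlines() if l.strip()}
    if user in denied:
        return False, None, "listed in /etc/ftpd/ftpusers"
    if shell not in user_shells:
        return False, None, "%s is not a standard shell" % shell
    return True, "real", "password still has to be checked"

def anonymous_account_findings(passwd_text, guest_gid):
    """Check the ftp account against the recommended passwd entry."""
    users = parse_passwd(passwd_text)
    if "ftp" not in users:
        return ["no ftp account"]
    pw_field, _, gid, _, shell = users["ftp"]
    findings = []
    if pw_field != "*":
        findings.append("password field should be *")
    if gid != guest_gid:
        findings.append("group should be guest (gid %d)" % guest_gid)
    if shell != "/usr/bin/false":
        findings.append("login shell should be /usr/bin/false")
    return findings
```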
The anonymous FTP directory should be set up as follows:
~ftp The home directory of the FTP account should be owned by user
root and mode 555 (not writable). Since ftpd does a chroot()
to this directory, it must have the following subdirectories
and files:
~ftp/usr/bin
This directory must be owned by root and mode 555
(not writable). The file /sbin/ls should be copied
to ~ftp/usr/bin. This is needed to support
directory listing by ftpd. The command should be
mode 111 (executable only). If the FTP account is
on the same file system as /sbin, ~ftp/usr/bin/ls
can be a hard link, but it may not be a symbolic link,
because of the chroot(). The command must be
replaced when the system is updated.
~ftp/etc This directory must be owned by root and mode 555
(not writable). It should contain versions of the
files passwd and group. See passwd(4) and group(4).
These files must be owned by root and mode 444
(readable only). These files must be present for
the LIST command to be able to produce owner names
rather than numbers.
~ftp/etc/passwd
This file should contain entries for the ftp user
and any other users who own files under the
anonymous ftp directory. Such entries should have *
for passwords. Group IDs must be listed in the
anonymous FTP group file, ~ftp/etc/group. The path
names of home directories in ~ftp/etc/passwd must be
with respect to the anonymous FTP home directory.
~ftp/etc/group
This file should contain the group names associated
with any group IDs in file ~ftp/etc/passwd and any
group IDs of files in the anonymous FTP
subdirectories.
~ftp/pub (optional)
This directory is used by anonymous FTP users to
deposit files on the system. It should be owned by
user ftp and should be mode 777 (readable and
writable by all).
~ftp/dist (optional)
Directories used to make files available to
anonymous ftp users should be mode 555 (not
writable), and any files to be distributed should be
owned by root and mode 444 (readable only) so that
they cannot be modified or removed by anonymous FTP
users.
Note: The steps that are followed to create an anonymous account are
used to create a guest account also.
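The ownership and mode rules for the anonymous FTP directory above, as an added Python audit that is not part of ftpd or this page: it walks a given ~ftp tree and reports every deviation, including a symbolic link where the copied ls should be. The root_uid and ftp_uid parameters are assumptions made so the check can also be run against a staged copy of the tree; modes are compared exactly against the values listed above.

```python
import os
import stat

def _check(findings, path, expect_mode, owner_uid=None, must_exist=True):
    """Compare one path's mode (and optionally owner) with the expected values."""
    try:
        st = os.lstat(path)
    except FileNotFoundError:
        if must_exist:
            findings.append("%s: missing" % path)
        return None
    if stat.S_ISLNK(st.st_mode):
        findings.append("%s: is a symbolic link (useless after chroot)" % path)
        return st
    mode = stat.S_IMODE(st.st_mode)
    if mode != expect_mode:
        findings.append("%s: mode %o, expected %o" % (path, mode, expect_mode))
    if owner_uid is not None and st.st_uid != owner_uid:
        findings.append("%s: owner uid %d, expected %d" % (path, st.st_uid, owner_uid))
    return st

def audit_anon_ftp_home(home, root_uid=0, ftp_uid=None):
    """Return a list of findings; an empty list means the tree matches the rules."""
    f = []
    j = os.path.join
    _check(f, home, 0o555, root_uid)
    _check(f, j(home, "usr", "bin"), 0o555, root_uid)
    _check(f, j(home, "usr", "bin", "ls"), 0o111)      # a copy, never a symlink
    _check(f, j(home, "etc"), 0o555, root_uid)
    for name in ("passwd", "group"):
        _check(f, j(home, "etc", name), 0o444, root_uid)
    # optional areas: the anonymous drop box and read-only distribution trees
    _check(f, j(home, "pub"), 0o777, ftp_uid, must_exist=False)
    dist = j(home, "dist")
    if _check(f, dist, 0o555, root_uid, must_exist=False) is not None:
        for dirpath, dirnames, filenames in os.walk(dist):
            for d in dirnames:
                _check(f, j(dirpath, d), 0o555, root_uid)
            for name in filenames:
                _check(f, j(dirpath, name), 0o444, root_uid)
    return f
```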
DIAGNOSTICS
ftpd replies to FTP commands to ensure synchronization of requests and
actions during file transfers, and to indicate the status of ftpd.
Every command produces at least one reply, although there may be more
than one. A reply consists of a three-digit number, a space, some
text, and an end of line. The number is useful for programs; the text
is useful for users. The number must conform to this standard, but
the text can vary.
The first digit of the message indicates whether the reply is good,
bad, or incomplete. Five values exist for the first digit. The
values and the interpretations of the values are:
1 The requested action is being initiated; expect another
reply before proceeding with a new command.
2 The requested action is complete. The server is ready
for a new request.
3 The command has been accepted, but the requested action
requires more information.
4 The command was not accepted, the requested action
failed, but the error condition is temporary and the
action can be requested again.
5 The command was not accepted, the requested action
failed, and the error condition would most likely occur
again if the same command sequence is repeated.
The second digit indicates the functional area that the message
addresses. The values of the second digit and the interpretations of
these values are:
0 Syntax. A message with a 0 for the second digit
indicates that a syntax error occurred.
1 Information. A message with a 1 as the second digit
indicates that the message is in reply to a request for
information.
2 Connections. A message with a 2 as the second digit
indicates that the message is a reply to a request for
control and data connection information.
3 Authentication and accounting. A message with a 3 as the
second digit indicates that the message is a reply to a
login or accounting procedure.
4 Not currently specified.
5 File system. A message with a 5 as the second digit
indicates that the text following the number contains
information concerning the status of the server file
system.
The third digit provides a further clarification of the information
supplied by the second digit. Following are several examples of
messages. Note that ftpd's replies match the number but not the text.
110 Restart marker reply. MARK yyyy=mmmm where yyyy is a
user process data stream marker, and mmmm is ftpd's
equivalent marker
120 Service ready in nnn minutes
200 Command okay
211 System status, or system help reply
212 Directory status
230 User logged in, proceed
250 Requested file action okay, completed
331 User name okay, need password
350 Requested file action pending further information
425 Cannot open data connection
451 Requested action aborted: local error in processing
500 Syntax error, command unrecognized or command line too
long
530 Not logged in
550 Requested action not taken; file unavailable, not found,
no access
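The reply-code scheme above, as an added Python example that is not ftpd's own code: it splits one control-channel reply (single-line, or multi-line in the "ddd-" ... "ddd " layout of RFC 959, as in the SITE EXEC output shown earlier) into its code and text lines, and decodes the first two digits. The sample reply is the SITE EXEC output from this page.

```python
FIRST_DIGIT = {
    "1": "preliminary: action started, expect another reply",
    "2": "complete: ready for a new request",
    "3": "intermediate: more information required",
    "4": "transient failure: may be retried",
    "5": "permanent failure: do not repeat unchanged",
}
SECOND_DIGIT = {
    "0": "syntax", "1": "information", "2": "connections",
    "3": "authentication and accounting", "4": "unspecified", "5": "file system",
}
# the SITE EXEC reply shown above, as the bytes seen on the control channel
SAMPLE_SITE_EXEC_REPLY = "200-hi.sh\r\n200-hello\r\n200 (end of 'hi.sh')\r\n"

def parse_reply(raw):
    """Return (code, text_lines) for one complete reply; ValueError if malformed."""
    lines = [l for l in raw.replace("\r\n", "\n").split("\n") if l != ""]
    if not lines or len(lines[0]) < 4 or not lines[0][:3].isdigit():
        raise ValueError("reply does not start with a three-digit code")
    code, sep = lines[0][:3], lines[0][3]
    if sep == " ":                       # single-line reply
        if len(lines) != 1:
            raise ValueError("single-line reply followed by extra data")
        return code, [lines[0][4:]]
    if sep != "-":
        raise ValueError("fourth character must be a space or '-'")
    last = lines[-1]
    if len(lines) < 2 or not last.startswith(code + " "):
        raise ValueError("multi-line reply not terminated by '%s '" % code)
    text = [lines[0][4:]]
    for l in lines[1:-1]:
        # ftpd repeats "ddd-" on every line; plain text lines are also legal
        text.append(l[4:] if l.startswith(code + "-") else l)
    text.append(last[4:])
    return code, text

def describe(code):
    """Classify a code by its first two digits, e.g. '530' -> permanent failure."""
    if len(code) != 3 or not code.isdigit():
        raise ValueError("bad reply code %r" % code)
    kind, area = FIRST_DIGIT.get(code[0]), SECOND_DIGIT.get(code[1])
    if kind is None or area is None:
        raise ValueError("code %s is outside the ranges defined above" % code)
    return kind, area

def is_failure(code):
    """True for the 4xx (transient) and 5xx (permanent) classes."""
    return code[0] in "45"
```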
GENERAL FTP EXTENSIONS
There are some extensions to the FTP server such that if the user
specifies a filename (when using a RETRIEVE command), the following
actions will occur:
True Filename    Specified Filename    Action
_________________________________________________________________
filename.Z       filename              Decompress (uncompress) file
                                       before transmitting
filename         filename.Z            Compress filename
                                       before transmitting
filename         filename.tar          Tar filename
                                       before transmitting
filename         filename.tar.Z        Tar and compress filename
                                       before transmitting
Also, the FTP server will attempt to check for valid e-mail addresses
and notify the user if invalid e-mail addresses are found. For users
whose FTP client hangs on "long replies" (i.e., multiline
responses), using a dash as the first character of the password
disables the "long replies" feature.
Note: Users whose password starts with a dash have to use an extra
dash at the beginning of the password for login to succeed. However,
the "long replies" feature will be disabled in this case.
The FTP server can also log all file transmission and reception,
keeping the following information for each file transmission that
takes place.
%.24s %d %s %d %s %c %s %c %c %s %s %d %s
  1   2  3  4  5  6  7  8  9  10 11 12 13
1 current time in the form DDD MMM dd hh:mm:ss YYYY
2 transfer time in seconds
3 remote host name
4 file size in bytes
5 name of file
6 transfer type (a = ascii, b = binary)
7 special action flags (concatenated as needed):
C file was compressed
U file was uncompressed
T file was tar'ed
_ no action taken
8 direction of transfer (o = outgoing, file was sent to the user;
i = incoming, file was received from the user)
9 access type (r = real, a = anonymous, g = guest)
10 local username or, if guest, ID string given (anonymous
FTP password)
11 service name ('ftp', other)
12 authentication method (bitmask)
0 none
1 RFC931 Authentication
13 authenticated user id (if available, '*' otherwise)
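The xferlog record layout above, as an added Python example that is not part of ftpd or this page: it decodes each record into its thirteen fields (the 24-character timestamp contains spaces, so the line is split around it, and a file name containing spaces is recovered from the field count) and then pulls out the records a defender usually wants to see first, uploads by anonymous or guest users. The log lines are constructed.

```python
import datetime

# constructed xferlog records in the format described above
SAMPLE_XFERLOG = """\
Mon Aug 18 10:15:02 2003 3 client1.example.net 20480 /pub/notes.txt a _ o a joe@example.net ftp 0 *
Mon Aug 18 10:16:44 2003 1 client2.example.net 512 /pub/incoming/tool.sh b _ i a mozilla@ ftp 0 *
Mon Aug 18 10:20:07 2003 12 host3.example.net 1048576 /home/alice/report.tar.Z b TC o r alice ftp 1 alice
"""

FLAGS = {"C": "compressed", "U": "uncompressed", "T": "tarred"}
ACCESS = {"r": "real", "a": "anonymous", "g": "guest"}

def parse_xferlog_line(line):
    """Decode one record into a dict; the file name may contain spaces."""
    stamp = line[:24]                    # field 1 is exactly 24 characters
    rest = line[25:].split()
    if len(rest) < 12:
        raise ValueError("too few fields: %r" % line)
    # three fields precede the file name (2-4) and eight follow it (6-13)
    xtime, host, size = rest[:3]
    name = " ".join(rest[3:-8])
    ttype, flags, direction, access, user, service, auth, authuser = rest[-8:]
    return {
        "time": datetime.datetime.strptime(stamp, "%a %b %d %H:%M:%S %Y"),
        "xfer_seconds": int(xtime), "host": host, "size": int(size),
        "file": name, "type": {"a": "ascii", "b": "binary"}[ttype],
        "actions": [FLAGS[c] for c in flags if c != "_"],
        "direction": {"o": "outgoing", "i": "incoming"}[direction],
        "access": ACCESS[access], "user": user, "service": service,
        "rfc931_auth": bool(int(auth) & 1),
        "auth_user": None if authuser == "*" else authuser,
    }

def suspicious_uploads(text):
    """(file, user, host) for every upload made by an anonymous or guest user."""
    hits = []
    for line in text.splitlines():
        if not line.strip():
            continue
        rec = parse_xferlog_line(line)
        if rec["direction"] == "incoming" and rec["access"] != "real":
            hits.append((rec["file"], rec["user"], rec["host"]))
    return hits
```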
WARNINGS
The password is sent unencrypted through the socket connection.
Anonymous FTP is inherently dangerous to system security.
DEPENDENCIES
Pluggable Authentication Modules (PAM)
PAM is an Open Group standard for user authentication, password
modification, and validation of accounts. In particular,
pam_authenticate() is invoked to perform all functions related to
login. This includes retrieving the password, validating the account,
and displaying error messages.
AUTHOR
ftpd was developed by the University of California, Berkeley and the
Washington University, St. Louis, Missouri.
SEE ALSO
ftp(1), inetd(1M), chroot(2), send(2), sendfile(2), getusershell(3C),
pam_authenticate(3), inetd.conf(4), ftpaccess(4), ftpusers(4),
group(4), passwd(4), xferlog(5), sis(5).