xref: /freebsd/libexec/ftpd/ftpd.8 (revision 6a01974b787e31ee99ec5a26a0ebfd843d399740)
.\" Copyright (c) 1985, 1988, 1991, 1993
.\"	The Regents of the University of California.  All rights reserved.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\"    notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\"    notice, this list of conditions and the following disclaimer in the
.\"    documentation and/or other materials provided with the distribution.
.\" 3. All advertising materials mentioning features or use of this software
.\"    must display the following acknowledgement:
.\"	This product includes software developed by the University of
.\"	California, Berkeley and its contributors.
.\" 4. Neither the name of the University nor the names of its contributors
.\"    may be used to endorse or promote products derived from this software
.\"    without specific prior written permission.
.\"
.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
.\" ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
.\"     @(#)ftpd.8	8.2 (Berkeley) 4/19/94
.\" $FreeBSD$
.\"
.Dd January 27, 2000
.Dt FTPD 8
.Os BSD 4.2
.Sh NAME
.Nm ftpd
.Nd
Internet File Transfer Protocol server
.Sh SYNOPSIS
.Nm
.Op Fl 4
.Op Fl 6
.Op Fl d
.Op Fl l Op Fl l
.Op Fl A
.Op Fl D
.Op Fl R
.Op Fl S
.Op Fl U
.Op Fl r
.Op Fl E
.Op Fl T Ar maxtimeout
.Op Fl t Ar timeout
.Op Fl a Ar address
.Op Fl p Ar file
.Sh DESCRIPTION
.Nm Ftpd
is the
Internet File Transfer Protocol
server process.  The server uses the
.Tn TCP
protocol
and listens at the port specified in the
.Dq ftp
service specification; see
.Xr services 5 .
.Pp
Available options:
.Bl -tag -width indent
.It Fl d
Debugging information is written to the syslog using LOG_FTP.
.It Fl l
Each successful and failed
.Xr ftp 1
session is logged using syslog with a facility of LOG_FTP.
If this option is specified twice, the retrieve (get), store (put), append,
delete, make directory, remove directory and rename operations and
their filename arguments are also logged.  Note: LOG_FTP messages
are not displayed by
.Xr syslogd 8
by default, and may have to be enabled in
.Xr syslogd 8 Ns 's
configuration file.
.It Fl D
With this option set,
.Nm
will detach and become a daemon, accepting connections on the FTP port and
forking child processes to handle them.
This is lower overhead than starting
.Nm
from
.Xr inetd 8
and is thus useful on busy servers to reduce load.
.It Fl R
With this option set,
.Nm
will revert to historical behavior with regard to security checks on
user operations and restrictions on PORT requests.
Currently,
.Nm
will only honor PORT commands directed to unprivileged ports on the
remote user's host (which violates the FTP protocol specification but
closes some security holes).
.It Fl S
With this option set,
.Nm
logs all anonymous file downloads to the file
.Pa /var/log/ftpd
when this file exists.
.It Fl U
In previous versions of
.Nm ,
when a passive mode client requested a data connection to the server,
the server would use data ports in the range 1024..4999.  Now, by default,
the server will use data ports in the range 49152..65535.  Specifying this
option will revert to the old behavior.
.It Fl T
A client may also request a different timeout period;
the maximum period allowed may be set to
.Ar timeout
seconds with the
.Fl T
option.
The default limit is 2 hours.
.It Fl t
The inactivity timeout period is set to
.Ar timeout
seconds (the default is 15 minutes).
.It Fl a
When
.Fl D
is specified, accept connections only on the specified
.Ar address .
.It Fl p
When
.Fl D
is specified, write the daemon's process ID to
.Ar file .
.It Fl 6
When
.Fl D
is specified, accept connections via AF_INET6 socket.
.It Fl 4
When
.Fl D
is specified, accept IPv4 connections.
When
.Fl 6
is also specified, accept IPv4 connections via AF_INET6 socket.
When
.Fl 6
is not specified, accept IPv4 connections via AF_INET socket.
.It Fl A
Allow only anonymous ftp access.
.It Fl r
Put server in read-only mode.
All commands which may modify the local filesystem are disabled.
.It Fl E
Disable the EPSV command.
This is useful for servers behind older firewalls.
.El
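The PORT restriction described under the R option, written out as a shell function. This is an added illustration, not code from ftpd: the name port_arg_ok, the reading of "the remote user's host" as the peer address of the control connection, and the sample addresses are assumptions. Only the IPv4 PORT form is covered, not EPRT or LPRT.

```shell
#!/bin/sh
# Added example, not ftpd source code.
# port_arg_ok ARG PEER
#   ARG  - argument of an IPv4 PORT command: "h1,h2,h3,h4,p1,p2"
#   PEER - dotted-quad address of the control connection's remote end
# Prints the decision; returns 0 only for an unprivileged port on PEER.
port_arg_ok() {
    arg=$1
    peer=$2

    # Only digits and commas, no empty fields.
    case $arg in
        ''|*[!0-9,]*|,*|*,|*,,*)
            echo "reject: malformed argument"; return 1 ;;
    esac

    # Split on commas; safe because arg holds no glob or space characters.
    old_ifs=$IFS
    IFS=,
    set -- $arg
    IFS=$old_ifs
    if [ $# -ne 6 ]; then
        echo "reject: malformed argument"; return 1
    fi

    for n in "$@"; do
        # Leading zeros are refused so $(( )) never sees an octal literal
        # (a strictness chosen for this example).
        case $n in
            0?*|????*) echo "reject: malformed argument"; return 1 ;;
        esac
        if [ "$n" -gt 255 ]; then
            echo "reject: field $n out of range"; return 1
        fi
    done

    host="$1.$2.$3.$4"
    port=$(( $5 * 256 + $6 ))

    # The data connection must go back to the client itself ...
    if [ "$host" != "$peer" ]; then
        echo "reject: $host is not the client $peer"; return 1
    fi
    # ... and to an unprivileged port.
    if [ "$port" -lt 1024 ]; then
        echo "reject: port $port is privileged"; return 1
    fi
    echo "accept: $host port $port"
}
```

For example, port_arg_ok 192,0,2,10,195,80 192.0.2.10 accepts the request, while the same argument checked against a different peer address is refused.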
.Pp
The file
.Pa /var/run/nologin
can be used to disable ftp access.
If the file exists,
.Nm
displays it and exits.
If the file
.Pa /etc/ftpwelcome
exists,
.Nm
prints it before issuing the
.Dq ready
message.
If the file
.Pa /etc/ftpmotd
exists,
.Nm
prints it after a successful login.  Note the motd file used is the one
relative to the login environment.  This means the one in
.Pa ~ftp/etc
in the anonymous user's case.
.Pp
The ftp server currently supports the following ftp requests.
The case of the requests is ignored.  Requests marked [RW] are
disabled if
.Fl r
is specified.
.Bl -column "Request" -offset indent
.It Sy Request Ta Sy "Description"
.It ABOR Ta "abort previous command"
.It ACCT Ta "specify account (ignored)"
.It ALLO Ta "allocate storage (vacuously)"
.It APPE Ta "append to a file [RW]"
.It CDUP Ta "change to parent of current working directory"
.It CWD Ta "change working directory"
.It DELE Ta "delete a file [RW]"
.It EPRT Ta "specify data connection port, multiprotocol"
.It EPSV Ta "prepare for server-to-server transfer, multiprotocol"
.It HELP Ta "give help information"
.It LIST Ta "give list of files in a directory" Pq Dq Li "ls -lgA"
.It LPRT Ta "specify data connection port, multiprotocol"
.It LPSV Ta "prepare for server-to-server transfer, multiprotocol"
.It MDTM Ta "show last modification time of file"
.It MKD Ta "make a directory [RW]"
.It MODE Ta "specify data transfer" Em mode
.It NLST Ta "give name list of files in directory"
.It NOOP Ta "do nothing"
.It PASS Ta "specify password"
.It PASV Ta "prepare for server-to-server transfer"
.It PORT Ta "specify data connection port"
.It PWD Ta "print the current working directory"
.It QUIT Ta "terminate session"
.It REST Ta "restart incomplete transfer"
.It RETR Ta "retrieve a file"
.It RMD Ta "remove a directory [RW]"
.It RNFR Ta "specify rename-from file name [RW]"
.It RNTO Ta "specify rename-to file name [RW]"
.It SITE Ta "non-standard commands (see next section)"
.It SIZE Ta "return size of file"
.It STAT Ta "return status of server"
.It STOR Ta "store a file [RW]"
.It STOU Ta "store a file with a unique name [RW]"
.It STRU Ta "specify data transfer" Em structure
.It SYST Ta "show operating system type of server system"
.It TYPE Ta "specify data transfer" Em type
.It USER Ta "specify user name"
.It XCUP Ta "change to parent of current working directory (deprecated)"
.It XCWD Ta "change working directory (deprecated)"
.It XMKD Ta "make a directory (deprecated) [RW]"
.It XPWD Ta "print the current working directory (deprecated)"
.It XRMD Ta "remove a directory (deprecated) [RW]"
.El
.Pp
The following non-standard or
.Tn UNIX
specific commands are supported
by the
SITE request.
.Pp
.Bl -column Request -offset indent
.It Sy Request Ta Sy Description
.It UMASK Ta change umask, e.g. ``SITE UMASK 002''
.It IDLE Ta set idle-timer, e.g. ``SITE IDLE 60''
.It CHMOD Ta "change mode of a file [RW], e.g. ``SITE CHMOD 755 filename''"
.It MD5 Ta "report the file's MD5 checksum, e.g. ``SITE MD5 filename''"
.It HELP Ta give help information
.El
.Pp
Note: SITE requests are disabled in case of anonymous logins.
.Pp
The remaining ftp requests specified in Internet RFC 959
are
recognized, but not implemented.
MDTM and SIZE are not specified in RFC 959, but will appear in the
next updated FTP RFC.
.Pp
The ftp server will abort an active file transfer only when the
ABOR
command is preceded by a Telnet "Interrupt Process" (IP)
signal and a Telnet "Synch" signal in the command Telnet stream,
as described in Internet RFC 959.
If a
STAT
command is received during a data transfer, preceded by a Telnet IP
and Synch, transfer status will be returned.
.Pp
.Nm Ftpd
interprets file names according to the
.Dq globbing
conventions used by
.Xr csh 1 .
This allows users to utilize the metacharacters
.Dq Li \&*?[]{}~ .
.Pp
.Nm Ftpd
authenticates users according to six rules.
.Pp
.Bl -enum -offset indent
.It
The login name must be in the password data base
and not have a null password.
In this case a password must be provided by the client before any
file operations may be performed.
If the user has an S/Key key, the response from a successful USER
command will include an S/Key challenge.
The client may choose to respond with a PASS command giving either
a standard password or an S/Key one-time password.
The server will automatically determine which type of
password it has been given and attempt to authenticate accordingly.
See
.Xr key 1
for more information on S/Key authentication.
S/Key is a Trademark of Bellcore.
.It
The login name must not appear in the file
.Pa /etc/ftpusers .
.It
The login name must not be a member of a group specified in the file
.Pa /etc/ftpusers .
Entries in this file interpreted as group names are prefixed by an "at"
.Ql \&@
sign.
.It
The user must have a standard shell returned by
.Xr getusershell 3 .
.It
If the user name appears in the file
.Pa /etc/ftpchroot ,
or the user is a member of a group with a group entry in this file,
i.e. one prefixed with
.Ql \&@ ,
the session's root will be changed to the user's login directory by
.Xr chroot 2
as for an
.Dq anonymous
or
.Dq ftp
account (see next item).
This facility may also be triggered by enabling the boolean "ftp-chroot"
capability in
.Xr login.conf 5 .
However, the user must still supply a password.
This feature is intended as a compromise between a fully anonymous
account and a fully privileged account.
The account should also be set up as for an anonymous account.
.It
If the user name is
.Dq anonymous
or
.Dq ftp ,
an
anonymous ftp account must be present in the password
file (user
.Dq ftp ) .
In this case the user is allowed
to log in by specifying any password (by convention an email address for
the user should be used as the password).
When the
.Fl S
option is set, all transfers are logged as well.
.El
.Pp
In the last case,
.Nm
takes special measures to restrict the client's access privileges.
The server performs a
.Xr chroot 2
to the home directory of the
.Dq ftp
user.
In order that system security is not breached, it is recommended
that the
.Dq ftp
subtree be constructed with care, following these rules:
.Bl -tag -width "~ftp/pub" -offset indent
.It Pa ~ftp
Make the home directory owned by
.Dq root
and unwritable by anyone.
.It Pa ~ftp/etc
Make this directory owned by
.Dq root
and unwritable by anyone (mode 555).
The files pwd.db (see
.Xr passwd 5 )
and
.Xr group 5
must be present for the
.Xr ls 1
command to be able to produce owner names rather than numbers.
The password field in
.Xr passwd 5
is not used, and should not contain real passwords.
The file
.Pa ftpmotd ,
if present, will be printed after a successful login.
These files should be mode 444.
.It Pa ~ftp/pub
Make this directory mode 777 and owned by
.Dq ftp .
Guests
can then place files which are to be accessible via the anonymous
account in this directory.
.El
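A shell check of an existing anonymous tree against the three rules above. This is an added example, not part of the FreeBSD sources: the function names are made up for it, owners are compared as numeric uids (root defaults to 0, the ftp uid is looked up with id), and the modes are exactly the ones this page gives.

```shell
#!/bin/sh
# Added example: check an anonymous-FTP tree against the layout in ftpd(8).
# Usage: audit_anon_tree FTP_HOME [ROOT_UID] [FTP_UID]
# Prints one line per deviation; returns 0 when the tree matches, 1 otherwise.

# Nine permission characters of a path as shown by ls, e.g. "r-xr-xr-x".
perm_of() { ls -ldn -- "$1" | awk '{ print substr($1, 2, 9) }'; }

# Numeric uid of the owner of a path.
uid_of() { ls -ldn -- "$1" | awk '{ print $3 }'; }

# expect PATH UID PERM: report when the owner or the permissions differ.
expect() {
    if [ ! -e "$1" ]; then
        echo "$1: missing"; bad=1; return 0
    fi
    if [ "$(uid_of "$1")" != "$2" ]; then
        echo "$1: owner uid $(uid_of "$1"), expected $2"; bad=1
    fi
    if [ "$(perm_of "$1")" != "$3" ]; then
        echo "$1: permissions $(perm_of "$1"), expected $3"; bad=1
    fi
}

audit_anon_tree() {
    home=$1
    root_uid=${2:-0}
    ftp_uid=${3:-$(id -u ftp 2>/dev/null || true)}
    bad=0

    if [ ! -d "$home" ]; then
        echo "$home: missing"; return 1
    fi

    # ~ftp: owned by root and unwritable by anyone (no w bit at all).
    if [ "$(uid_of "$home")" != "$root_uid" ]; then
        echo "$home: owner uid $(uid_of "$home"), expected $root_uid"; bad=1
    fi
    case $(perm_of "$home") in
        *w*) echo "$home: writable ($(perm_of "$home"))"; bad=1 ;;
    esac

    # ~ftp/etc: owned by root, mode 555; the files in it mode 444.
    expect "$home/etc" "$root_uid" "r-xr-xr-x"
    for f in "$home"/etc/*; do
        [ -f "$f" ] || continue
        if [ "$(perm_of "$f")" != "r--r--r--" ]; then
            echo "$f: permissions $(perm_of "$f"), expected r--r--r--"; bad=1
        fi
    done

    # ~ftp/pub: mode 777 and owned by ftp, as this page specifies.
    expect "$home/pub" "$ftp_uid" "rwxrwxrwx"

    return "$bad"
}
```

Run it as audit_anon_tree ~ftp on the server; an empty output and exit status 0 mean the tree matches the layout described here.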
.Pp
If the system has multiple IP addresses,
.Nm
supports the idea of virtual hosts, which provides the ability to
define multiple anonymous ftp areas, each one allocated to a different
internet address.
The file
.Pa /etc/ftphosts
contains information pertaining to each of the virtual hosts.
Each host is defined on its own line which contains a number of
fields separated by whitespace:
.Bl -tag -offset indent -width hostname
.It hostname
Contains the hostname or IP address of the virtual host.
.It user
Contains a user record in the system password file.
As with normal anonymous ftp, this user's access uid, gid and group
memberships determine file access to the anonymous ftp area.
The anonymous ftp area (to which any user is chrooted on login)
is determined by the home directory defined for the account.
User id and group for any ftp account may be the same as for the
standard ftp user.
.It statfile
File to which all file transfers are logged, which
defaults to
.Pa /var/log/ftpd .
.It welcome
This file is the welcome message displayed before the server ready
prompt.
It defaults to
.Pa /etc/ftpwelcome .
.It motd
This file is displayed after the user logs in.
It defaults to
.Pa /etc/ftpmotd .
.El
.Pp
Lines beginning with a '#' are ignored and can be used to include
comments.
.Pp
Defining a virtual host for the primary IP address or hostname
changes the default for ftp logins to that address.
The 'user', 'statfile', 'welcome' and 'motd' fields may be left
blank, or a single hyphen '-' used to indicate that the default
value is to be used.
.Pp
As with any anonymous login configuration, due care must be given
to setup and maintenance to guard against security related problems.
.Pp
.Nm
has internal support for handling remote requests to list
files, and will not execute
.Pa /bin/ls
in either a chrooted or non-chrooted environment.  The
.Pa ~/bin/ls
executable need not be placed into the chrooted tree, nor need the
.Pa ~/bin
directory exist.
.Sh FILES
.Bl -tag -width /etc/ftpwelcome -compact
.It Pa /etc/ftpusers
List of unwelcome/restricted users.
.It Pa /etc/ftpchroot
List of normal users who should be chroot'd.
.It Pa /etc/ftphosts
Virtual hosting configuration file.
.It Pa /etc/ftpwelcome
Welcome notice.
.It Pa /etc/ftpmotd
Welcome notice after login.
.It Pa /var/run/nologin
Displayed and access refused.
.It Pa /var/log/ftpd
Log file for anonymous transfers.
.El
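How the user and "@group" entries of /etc/ftpusers and /etc/ftpchroot combine (rules 2, 3 and 5 of the authentication list in DESCRIPTION), as a shell helper for reviewing which accounts can reach the server. This is an added example, not ftpd code: the function names are made up, treating lines that start with '#' as comments in these two files is an assumption, and the password, shell and login.conf "ftp-chroot" checks are left out.

```shell
#!/bin/sh
# Added example: classify an account from ftpusers/ftpchroot-style files.

# listed_in FILE USER "GROUP1 GROUP2 ..."
# Returns 0 when USER appears in FILE, or when one of the groups appears
# there as an "@group" entry. One entry per line; the first word is used.
listed_in() {
    file=$1
    user=$2
    groups=$3
    [ -r "$file" ] || return 1
    while read -r entry _rest; do
        case $entry in
            ''|'#'*)            # blank line or comment (assumed syntax)
                continue ;;
            @*)                 # group entry
                for g in $groups; do
                    if [ "@$g" = "$entry" ]; then
                        return 0
                    fi
                done ;;
            "$user")            # literal user name
                return 0 ;;
        esac
    done < "$file"
    return 1
}

# ftp_login_class USER GROUPS FTPUSERS FTPCHROOT
# Prints "denied", "chroot" or "full". An empty GROUPS is looked up with id.
ftp_login_class() {
    u=$1
    gs=${2:-$(id -Gn "$1" 2>/dev/null || true)}
    if listed_in "$3" "$u" "$gs"; then
        echo denied             # rules 2 and 3: listed in ftpusers
    elif listed_in "$4" "$u" "$gs"; then
        echo chroot             # rule 5: session root becomes the login directory
    else
        echo full
    fi
}
```

On a live system the call would be ftp_login_class NAME "" /etc/ftpusers /etc/ftpchroot for each account of interest.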
.Sh SEE ALSO
.Xr ftp 1 ,
.Xr key 1 ,
.Xr getusershell 3 ,
.Xr login.conf 5 ,
.Xr inetd 8 ,
.Xr syslogd 8
.Sh BUGS
The server must run as the super-user
to create sockets with privileged port numbers.  It maintains
an effective user id of the logged in user, reverting to
the super-user only when binding addresses to sockets.  The
possible security holes have been extensively
scrutinized, but the scrutiny is possibly incomplete.
.Sh HISTORY
The
.Nm
command appeared in
.Bx 4.2 .
IPv6 support was added in WIDE Hydrangea IPv6 stack kit.