ftpd

NAME

ftpd - Internet file transfer protocol server

SYNOPSIS

/usr/sbin/in.ftpd [-dl] [-a n] [-T maxtimeout] [-t timeout]

DESCRIPTION

The ftpd(1) utility is the internet file transfer protocol (ftp) server process. The server uses the TCP protocol and listens at the port specified in the ftp service specification.

OPTIONS

-a n: Set a time-out for the active command. This time-out is for the transfer of data for all commands (the -t option sets a time-out only for idle connections). This option is useful for environments where connections from the ftp client is unreliable and will not or cannot be reestablished once lost. The value of n seconds is the time-out; the default active time-out is 0 seconds, which preserves the traditional behavior. The minimum value for n is 600 (ten minutes); a negative value is not allowed.
-d: Debugging information is written to the syslog using LOG_FTP.
-l: Each successful and failed ftp(1) session is logged using syslog with a facility of LOG_FTP. If this option is specified twice, the retrieve (get), store (put), append, delete, make directory, remove directory and rename operations and their file-name arguments are also logged.
-T: A client can also request a different time-out period; the maximum period allowed can be set to timeout seconds with the -T option. The default limit is two hours.
-t: The inactivity time-out period is set to timeoutseconds (the default is 15 minutes).

You can use the file /etc/nologin to disable ftp access. If the file exists, ftpd(1) displays it and exits. If the file /etc/ftpwelcome exists, ftpd(1) prints it before issuing the ready message. If the file /etc/motd exists, ftpd(1) prints it after you have successfully logged on.

The ftp server currently supports the following ftp requests. The case of the requests is ignored.

Request	Description
ABOR	Abort previous command
ACCT	Specify account (ignored)
ALLO	Allocate storage (vacuously)
APPE	Append to a file
CDUP	Change to parent of current working directory
CWD	Change working directory
DELE	Delete a file
HELP	Give help information
LIST	Give list files in a directory ("ls -lgA")
MKD	Make a directory
MDTM	Show last modification time of file
MODE	Specify data transfer Em mode
NLST	Give name list of files in directory
NOOP	Do nothing
PASS	Specify password
PASV	Prepare for server-to-server transfer
PORT	Specify data connection port
PWD	Print the current working directory
QUIT	Terminate session
REST	Restart incomplete transfer
RETR	Retrieve a file
RMD	Remove a directory
RNFR	Specify rename-from file name
RNTO	Specify rename-to file name
SITE	Nonstandard commands (see next section)
SIZE	Return size of file
STAT	Return status of server
STOR	Store a file
STOU	Store a file with a unique name
STRU	Specify data transfer Em structure
SYST	Show operating system type of server system
TYPE	Specify data transfer Em type
USER	Specify user name
XCUP	Change to parent of current working directory (deprecated)
XCWD	Change working directory (deprecated)
XMKD	Make a directory (deprecated)
XPWD	Print the current working directory (deprecated)
XRMD	Remove a directory (deprecated)

The following nonstandard commands are supported by the SITE request.

Request	Description
UMASK	Change umask; for example, "SITE UMASK 002"
IDLE	Set idle-timer; for example, "SITE IDLE 60"
CHMOD	Change mode of a file; for example, "SITE CHMOD 755 filename"
HELP	Give help information

The remaining ftp requests specified in Internet RFC 959 are recognized, but not implemented. MDTM and SIZE are not specified in RFC 959, but will appear in the next updated FTP RFC.

The ftp server will abort an active file transfer only when the ABOR command is preceded by a telnet "Interrupt Process" (IP) signal and a telnet "Synch" signal in the command telnet stream, as described in Internet RFC 959. If a STAT command is received during a data transfer, preceded by a telnet IP and Synch, transfer status will be returned.

The ftpd(1) utility interprets file names according to the globbing conventions used by csh(1). This allows users to utilize the metacharacters *?[]{}~.

The ftpd(1) utility authenticates users according to these rules:

The logon name must be in the password data base, and not have a null password. In this case a password must be provided by the client before any file operations can be performed.
The logon name must not appear in the file /etc/ftpusers.

ANONYMOUS FTP

On many systems (but not Interix), there is a provision for "anonymous ftp"—if the logon names "anonymous" or "ftp" match an account on the system, the user can log on with any password. On these systems, ftpd(1) performs a chroot(3) system call and takes other measures to preserve security.

On Interix versions before 2.5, there is no anonymous ftp— the user names "anonymous" and "ftp" have no special meaning. Because Interix provides no chroot(3) system call, anonymous ftp sessions are insecure and dangerous.

FILES

The ftpd(1) utility makes use of the following files:

/etc/ftpusers: List of unwelcome/restricted users
/etc/ftpwelcome: Welcome notice
/etc/motd: Welcome notice after logging on
/etc/nologin: Displayed and access refused

BUGS

The possible security holes have been extensively scrutinized, but are possibly incomplete.

SEE ALSO