ftpd(1M)




NAME

     in.ftpd, ftpd - File Transfer Protocol Server


SYNOPSIS

     in.ftpd [-4] [-A] [-a] [-C] [-d] [-I] [-i]  [-K]  [-L]  [-l]
     [-o] [-P dataport] [-p ctrlport] [-Q] [-q] [-r rootdir] [-S]
     [-s] [-T maxtimeout] [-t timeout] [-u umask] [-V] [-v]  [-W]
     [-w] [-X]


DESCRIPTION

     in.ftpd is the Internet File Transfer Protocol (FTP)  server
     process.  The  server  may be invoked by the Internet daemon
     inetd(1M) each time a connection to the FTP service is  made
     or run as a standalone server. See services(4).


OPTIONS

     in.ftpd supports the following options:

     -4    When running in standalone mode,  listen  for  connec-
           tions  on  an  AF_INET  type socket. The default is to
           listen on an AF_INET6 type socket.

     -a    Enables use of the ftpaccess(4) file.

     -A    Disables use of the ftpaccess(4) file. Use  of  ftpac-
           cess is disabled by default.

     -C    Non-anonymous users need local credentials (for  exam-
           ple,  to  authenticate to remote fileservers). So they
           should be prompted for a  password  unless  they  for-
           warded credentials as part of authentication.

     -d    Writes debugging information to syslogd(1M).

     -i    Logs the names of all files received by the FTP Server
           to  xferlog(4). You can override the -i option through
           use of the ftpaccess(4) file.

     -I    Disables the use of AUTH and ident  to  determine  the
           username on the client. See RFC 931. The FTP Server is
           built not to use AUTH and ident.

     -K    Connections are only allowed for users who can authen-
           ticate  through the ftp AUTH mechanism. (Anonymous ftp
           may also be allowed if it is  configured.)  ftpd  will
           ask the user for a password if one is required.

     -l    Logs each FTP session to syslogd(1M).

     -L    Logs all commands sent to in.ftpd to syslogd(1M). When
           the  -L  option is used, command logging will be on by
           default, once the FTP Server is invoked.  Because  the
           FTP  Server includes USER commands in those logged, if
           a user accidentally enters a password instead  of  the
           username,  the  password will be logged. You can over-
           ride the -L option through  use  of  the  ftpaccess(4)
           file.

     -o    Logs the names of all files  transmitted  by  the  FTP
           Server  to  xferlog(4). You can override the -o option
           through use of the ftpaccess(4) file.

     -P dataport
           The FTP Server determines the port number  by  looking
           in  the services(4) file for an entry for the ftp-data
           service. If there is no entry,  the  daemon  uses  the
           port  just  prior  to the control connection port. Use
           the -P option to specify the data port number.

     -p ctrlport
           When run in standalone mode, the FTP Server determines
           the  control port number by looking in the services(4)
           file for an entry for the  ftp  service.  Use  the  -p
           option to specify the control port number.

     -Q    Disables PID files. This disables user limits.  Large,
           busy  sites  that  do not want to impose limits on the
           number of concurrent users can use this option to dis-
           able PID files.

     -q    Uses PID files. The limit directive uses PID files  to
           determine  the  number of current users in each access
           class. By default, PID files are used.

     -r rootdir
           chroot(2) to rootdir upon loading. Use this option  to
           improve  system security. It limits the files that can
           be damaged should a break in occur through the daemon.
           This  option  is  similar to anonymous FTP. Additional
           files are needed, which vary from system to system.

     -S    Places the daemon in standalone  operation  mode.  The
           daemon  runs  in  the  background.  This is useful for
           startup scripts that run during system initialization.
           See init.d(4).

     -s    Places the daemon in standalone  operation  mode.  The
           daemon runs in the foreground. This is useful when run
           from /etc/inittab by init(1M).

     -T maxtimeout
           Sets the maximum  allowable  timeout  period  to  max-
           timeout  seconds. The default maximum timeout limit is
           7200 second (two  hours).  You  can  override  the  -T
           option through use of the ftpaccess(4) file.

     -t timeout
           Sets the inactivity timeout period to timeout seconds.
           The   default   timeout  period  is  900  seconds  (15
           minutes). You can override the -t option  through  use
           of the ftpaccess(4) file.

     -u umask
           Sets the default umask to umask.

     -V    Displays copyright and version information, then  ter-
           minate.

     -v    Writes debugging information to syslogd(1M).

     -W    Does not record user login and logout in the  wtmpx(4)
           file.

     -w    Records each user login and  logout  in  the  wtmpx(4)
           file. By default, logins and logouts are recorded.

     -X    Writes the output from the -i and -o  options  to  the
           syslogd(1M)  file  instead  of xferlog(4). This allows
           the collection of output from  several  hosts  on  one
           central  loghost.  You  can  override  the  -X  option
           through use of the ftpaccess(4) file.

  Requests
     The  FTP  Server  currently  supports  the   following   FTP
     requests. Case is not distinguished.

     ABOR  Abort previous command.

     ADAT  Send an authentication protocol message.

     ALLO  Allocate storage (vacuously).

     AUTH  Specify an authentication protocol  to  be  performed.
           Currently only "GSSAPI" is supported.

     APPE  Append to a file.

     CCC   Set the command channel protection mode to "Clear" (no
           protection). Not allowed if data channel is protected.

     CDUP  Change to parent of current working directory.

     CWD   Change working directory.

     DELE  Delete a file.

     ENC   Send a privacy and integrity protected command  (given
           in argument).

     EPRT  Specify extended address for the transport connection.

     EPSV  Extended passive command request.

     HELP  Give help information.

     LIST  Give list files in a directory (ls -lA).

     LPRT  Specify long address for the transport connection.

     LPSV  Long passive command request.

     MIC   Send an integrity protected command  (given  in  argu-
           ment).

     MKD   Make a directory.

     MDTM  Show last time file modified.

     MODE  Specify data transfer mode.

     NLST  Give name list of files in directory (ls).

     NOOP  Do nothing.

     PASS  Specify password.

     PASV  Prepare for server-to-server transfer.

     PBSZ  Specify a protection buffer size.

     PROT  Specify a protection level under which to protect data
           transfers. Allowed arguments:

           clear No protection.

           safe  Integrity protection

           private
                 Integrity and encryption protection

     PORT  Specify data connection port.

     PWD   Print the current working directory.

     QUIT  Terminate session.

     REST  Restart incomplete transfer.
     RETR  Retrieve a file.

     RMD   Remove a directory.

     RNFR  Specify rename-from file name.

     RNTO  Specify rename-to file name.

     SITE  Use nonstandard commands.

     SIZE  Return size of file.

     STAT  Return status of server.

     STOR  Store a file.

     STOU  Store a file with a unique name.

     STRU  Specify data transfer structure.

     SYST  Show operating system type of server system.

     TYPE  Specify data transfer type.

     USER  Specify user name.

     XCUP  Change to parent of current  working  directory.  This
           request is deprecated.

     XCWD  Change working directory. This request is deprecated.

     XMKD  Make a directory. This request is deprecated.

     XPWD  Print the current working directory. This  request  is
           deprecated.

     XRMD  Remove a directory. This request is deprecated.

     The following nonstandard or UNIX specific commands are sup-
     ported by the SITE request:

     ALIAS List aliases.

     CDPATH
           List the search path used when changing directories.

     CHECKMETHOD
           List or set the checksum method.

     CHECKSUM
           Give the checksum of a file.

     CHMOD Change mode of a file. For  example,  SITE  CHMOD  755
           filename.

     EXEC  Execute a program.  For  example,  SITE  EXEC  program
           params

     GPASS Give special group access password. For example,  SITE
           GPASS bar.

     GROUP Request special group access. For example, SITE  GROUP
           foo.

     GROUPS
           List supplementary group membership.

     HELP  Give help information. For example, SITE HELP.

     IDLE  Set idle-timer. For example, SITE IDLE 60.

     UMASK Change umask. For example, SITE UMASK 002.

     The remaining FTP requests specified in RFC 959  are  recog-
     nized, but not implemented.

     The FTP server will abort an active file transfer only  when
     the ABOR command is preceded by a Telnet "Interrupt Process"
     (IP) signal and a Telnet "Synch" signal in the command  Tel-
     net  stream,  as  described in RFC 959. If a STAT command is
     received during a data transfer that has been preceded by  a
     Telnet IP and Synch, transfer status will be returned.

     in.ftpd interprets file names according  to  the  "globbing"
     conventions used by csh(1). This allows users to utilize the
     metacharacters: * ? [ ] { } ~

     in.ftpd authenticates users according to four rules.

     First, the user name must be in the password data base,  the
     location  of  which  is  specified  in  nsswitch.conf(4). An
     encrypted password (an authentication token in PAM) must  be
     present.  A  password  must always be provided by the client
     before any  file  operations  can  be  performed.  For  non-
     anonymous  users,  the  PAM framework is used to verify that
     the correct password was entered. See SECURITY below.

     Second,  the  user  name  must  not  appear  in  either  the
     /etc/ftpusers  or  the  /etc/ftpd/ftpusers  file. Use of the
     /etc/ftpusers files is deprecated, although it is still sup-
     ported.

     Third, the users must have  a  standard  shell  returned  by
     getusershell(3C).
     Fourth, if the user name is anonymous or ftp,  an  anonymous
     ftp  account  must  be present in the password file for user
     ftp. Use ftpconfig(1M) to create the anonymous  ftp  account
     and home directory tree.

     The FTP Server supports virtual hosting, which can  be  con-
     figured by using ftpaddhost(1M).

     The FTP Server does not support sublogins.

  General FTP Extensions
     The FTP Server has certain extensions. If the user specifies
     a  filename  that does not exist with a RETR (retrieve) com-
     mand, the FTP Server looks for a conversion to change a file
     or   directory   that  does  into  the  one  requested.  See
     ftpconversions(4).

     By convention, anonymous users supply  their  email  address
     when  prompted  for  a  password. The FTP Server attempts to
     validate these email addresses.  A  user  whose  FTP  client
     hangs  on  a  long reply, for example, a multiline response,
     should use a dash (-) as the first character of  the  user's
     password, as this disables the Server's lreply() function.

     The FTP Server can also log all file transmission and recep-
     tion. See xferlog(4) for details of the log file format.

     The SITE EXEC command may be used to execute commands in the
     /bin/ftp-exec  directory.  Take care that you understand the
     security implications before copying any  command  into  the
     /bin/ftp-exec   directory.  For  example,  do  not  copy  in
     /bin/sh. This would enable the user to  execute  other  com-
     mands  through  the  use  of sh -c. If you have doubts about
     this feature, do not create the /bin/ftp-exec directory.


SECURITY

     For non-anonymous users, in.ftpd uses PAM(3PAM) for  authen-
     tication,  account  management,  and session management. The
     PAM  configuration  policy,  listed  through  /etc/pam.conf,
     specifies  the module to be used for in.ftpd. Here is a par-
     tial pam.conf file with  entries  for  the  in.ftpd  command
     using  the UNIX authentication, account management, and ses-
     sion management module.

     ftp  auth        requisite   pam_authtok_get.so.1
     ftp  auth        required    pam_dhkeys.so.1
     ftp  auth        required    pam_unix_auth.so.1

     ftp  account     required    pam_unix_roles.so.1
     ftp  account     required    pam_unix_projects.so.1
     ftp  account     required    pam_unix_account.so.1

     ftp  session     required    pam_unix_session.so.1

     If there are no  entries  for  the  ftp  service,  then  the
     entries  for the "other" service will be used. Unlike login,
     passwd, and other commands, the ftp protocol will only  sup-
     port  a single password. Using multiple modules will prevent
     in.ftpd from working properly.

     For anonymous users, who by convention  supply  their  email
     address as a password, in.ftpd validates passwords according
     to the passwd-check capability in the ftpaccess file.


USAGE

     The in.ftpd command is IPv6-enabled. See ip6(7P).


FILES

     /etc/ftpd/ftpaccess
           FTP Server configuration file

     /etc/ftpd/ftpconversions
           FTP Server conversions database

     /etc/ftpd/ftpgroups
           FTP Server enhanced group access file

     /etc/ftpd/ftphosts
           FTP Server individual user host access file

     /etc/ftpd/ftpservers
           FTP Server virtual hosting configuration file.

     /etc/ftpd/ftpusers
           File listing users for whom FTP login  privileges  are
           disallowed.

     /etc/ftpusers
           File listing users for whom FTP login  privileges  are
           disallowed. This use of this file is deprecated.

     /var/log/xferlog
           FTP Server transfer log file

     /var/run/ftp.pids-classname

     /var/adm/wtmpx
           Extended database files that contain  the  history  of
           user  access  and accounting information for the wtmpx
           database.


ATTRIBUTES

     See attributes(5) for descriptions of the  following  attri-
     butes:

     ____________________________________________________________
    |       ATTRIBUTE TYPE        |       ATTRIBUTE VALUE       |
    |_____________________________|_____________________________|
    | Availability                | SUNWftpu                    |
    |_____________________________|_____________________________|
    | Interface Stability         | External                    |
    |_____________________________|_____________________________|


SEE ALSO

     csh(1),    ftp(1),    ftpcount(1),     ftpwho(1),     ls(1),
     ftpaddhost(1M),  ftpconfig(1M), ftprestart(1M), ftpshut(1M),
     inetd(1M), syslogd(1M), chroot(2),  umask(2),  getpwent(3C),
     getusershell(3C),   syslog(3C),   ftpaccess(4),   ftpconver-
     sions(4),    ftpgroups(4),    ftphosts(4),    ftpservers(4),
     ftpusers(4),  group(4),  passwd(4), services(4), xferlog(4),
     wtmpx(4),        attributes(5),        pam_authtok_check(5),
     pam_authtok_get(5),   pam_authtok_store(5),   pam_dhkeys(5),
     pam_passwd_auth(5),  pam_unix_account(5),  pam_unix_auth(5),
     pam_unix_session(5), ip6(7P)

     Allman, M., Ostermann, S., and Metz, C. RFC 2428, FTP Exten-
     sions  for  IPv6  and  NATs. The Internet Society. September
     1998.

     Piscitello, D. RFC 1639,  FTP  Operation  Over  Big  Address
     Records (FOOBAR). Network Working Group. June 1994.

     Postel, Jon, and Joyce Reynolds. RFC 959, File Transfer Pro-
     tocol (FTP ). Network Information Center. October 1985.

     St. Johns, Mike. RFC  931,  Authentication  Server.  Network
     Working Group. January 1985.

     Linn,  J.,  Generic  Security  Service  Application  Program
     Interface  Version  2,  Update  1,  RFC  2743.  The Internet
     Society, January 2000.

     Horowitz, M., Lunt, S., FTP Security Extensions,  RFC  2228.
     The Internet Society, October 1997.


DIAGNOSTICS

     in.ftpd logs various errors to syslogd(1M), with a  facility
     code of daemon.


NOTES

     The anonymous FTP account is inherently dangerous and should
     be avoided when possible.
     The FTP Server must perform certain tasks as the  superuser,
     for  example,  the  creation of sockets with privileged port
     numbers. It maintains an effective user ID of the logged  in
     user, reverting to the superuser only when necessary.

     The FTP Server  no  longer  supports  the  /etc/default/ftpd
     file.  Instead  of using UMASK=nnn to set the umask, use the
     defumask capability in the ftpaccess file. The banner greet-
     ing  text  capability  is also now set through the ftpaccess
     file by using the greeting text  capability  instead  of  by
     using  BANNER="...".  However, unlike the BANNER string, the
     greeting text string is not passed to the shell for  evalua-
     tion. See ftpaccess(4).

     The pam_unix(5) module is no longer supported. Similar func-
     tionality     is     provided    by    pam_authtok_check(5),
     pam_authtok_get(5),   pam_authtok_store(5),   pam_dhkeys(5),
     pam_passwd_auth(5),  pam_unix_account(5),  pam_unix_auth(5),
     and pam_unix_session(5).


Man(1) output converted with man2html