Part I Network Services Topics
Part II Accessing Network File Systems Topics
4. Managing Network File Systems (Overview)
5. Network File System Administration (Tasks)
6. Accessing Network File Systems (Reference)
8. Planning and Enabling SLP (Tasks)
10. Incorporating Legacy Services
Part V Serial Networking Topics
15. Solaris PPP 4.0 (Overview)
16. Planning for the PPP Link (Tasks)
17. Setting Up a Dial-up PPP Link (Tasks)
18. Setting Up a Leased-Line PPP Link (Tasks)
19. Setting Up PPP Authentication (Tasks)
20. Setting Up a PPPoE Tunnel (Tasks)
21. Fixing Common PPP Problems (Tasks)
22. Solaris PPP 4.0 (Reference)
23. Migrating From Asynchronous Solaris PPP to Solaris PPP 4.0 (Tasks)
25. Administering UUCP (Tasks)
Part VI Working With Remote Systems Topics
27. Working With Remote Systems (Overview)
28. Administering the FTP Server (Tasks)
Administering the FTP Server (Task Map)
How to Define FTP Server Classes
How to Control the Number of Invalid Login Attempts
How to Disallow FTP Server Access to Particular Users
How to Restrict Access to the Default FTP Server
How to Customize Message Files
How to Create Messages to Be Sent to Users
How to Configure the README Option
Controlling Access to Files on the FTP Server
How to Control File Access Commands
Controlling Uploads and Downloads on the FTP Server
How to Control Uploads to the FTP Server
How to Control Downloads to the FTP Server
How to Enable Limited Virtual Hosting
How to Enable Complete Virtual Hosting
Starting the FTP Server Automatically
How to Start an FTP Server Using SMF
How to Start a Standalone FTP Server in the Background
How to Start a Standalone FTP Server in the Foreground
How to Shut Down the FTP Server
How to Check syslogd for FTP Server Messages
How to Use greeting text to Verify ftpaccess
How to Check the Commands Executed by FTP Users
Configuration Help for Busy Sites
29. Accessing Remote Systems (Tasks)
Part VII Monitoring Network Services Topics
To access an FTP server, you must first log in. The FTP server supports three types of user login accounts for real, guests, and anonymous users.
Real users have accounts that allow them to establish terminal sessions on systems that run the FTP server. Subject to directory and file access permissions, the entire disk structure is visible to real users.
Guest users also need accounts to log in to the FTP server. Each guest account is set up with a user name and password. Functioning login shells are not assigned to guests to prevent users from establishing terminal sessions. At login, the FTP server performs a chroot(2) operation to restrict a guest's view of the server's disk structure.
Note - Login shells for real and guest users must be listed in the /etc/shells file to allow access to the FTP server.
Anonymous users log in to the FTP server by using the either ftp or anonymous as a user name. By convention, anonymous users supply an email address when prompted for a password.
At login, the FTP server performs a chroot(2) operation that restricts the anonymous user's view of the server's disk structure. A single file area is shared by all anonymous users, unlike the separate areas that can be created for each guest user.
Real and guest users log in by using individual accounts with passwords that are known only to one person. Anonymous users log in to a well-known account that is potentially available to anyone. Most large-scale file distribution is created by using the anonymous account.
To enable access for real users to the FTP server, follow these instructions:
For more information, see Chapter 4, Managing User Accounts and Groups (Overview), in System Administration Guide: Basic Administration.
For information on the user classes that are defined in the ftpaccess file, see How to Define FTP Server Classes.
The ftpconfig script is used to copy all necessary system files to the home directory. When the guest user and the guest's home directory already exist, the ftpconfig script updates the area with the current system files.
For more information, see ftpconfig(1M)
Note - Unlike the user name (anonymous or ftp) that is set for anonymous users, user names for FTP guests are not fixed. Any name that would work as a real user name can be selected.
To enable access by a guest user to the FTP server, do the following:
For more information, see useradd(1M) and Chapter 4, Managing User Accounts and Groups (Overview), in System Administration Guide: Basic Administration.
Note - In this procedure, /home/guests/./guest1 is used as the home directory name for a user who is called guest1.
# /usr/sbin/useradd -m -c "Guest FTP" -d \ /home/guests/./guest1 -s /bin/true guest1
guestuser guest1
Note - You can also use the guestgroup capability in the ftpaccess file to specify guest users. The guest-root capability in ftpaccess eliminates the need for the /./ in the guest user's home directory path.
/usr/sbin/ftpconfig -d /home/guests
Example 28-6 Setting Up a Guest FTP Server
In this example, the FTP area is set up in the /home/guests directory.
# /usr/sbin/ftpconfig -d /home/guests Updating directory /home/guests
The ftpconfig script creates the anonymous user account and populates the home directory with the required files.
For more information, see ftpconfig(1M).
To enable access by an anonymous user to the FTP server, follow these instructions:
/usr/sbin/ftpconfig anonymous-ftp-directory
See How to Define FTP Server Classes for further information.
Example 28-7 Setting Up Anonymous FTP Users
In this example, the FTP area is set up in the /home/ftp directory.
# /usr/sbin/ftpconfig /home/ftp Creating user ftp Updating directory /home/ftp
Roles contain authorizations and privileged commands. For more information about roles, see Configuring RBAC (Task Map) in System Administration Guide: Security Services.
Example 28-8 Creating the /etc/shells file
The following is an example of an /etc/shells file with a /bin/true listed for FTP guest users:
/sbin/sh /bin/csh /bin/jsh /bin/ksh /bin/remsh /bin/rksh /bin/rsh /bin/sh /usr/bin/csh /usr/bin/ksh /usr/bin/bash /usr/bin/tcsh /usr/bin/zsh /bin/true