System Administration Guide: Resource Management and Network Services

How to Define FTP Server Classes

To log in to the FTP server, users must be members of a class when the ftpaccess file is used. To add the class directive to the ftpaccess file, you specify the class name, typelist of users who are permitted access from a particular host.

  1. Become superuser.

  2. Add entries for anonymous, guest, and real users in the ftpaccess file.

    class class typelist addrglob[addrglob...]


    Keyword that is used to define FTP users. 


    A name that is defined by the class keyword. Each login is compared against a list of defined classes. The logged in user is considered a member of the first class matched.


    A comma-separated list of the keywords that match the three types of users: anonymous, guest, and real.


    A globbed domain name or a globbed numeric address. The addrglob can also be the name of a file, starting with a slash (`/`), which contains additional address globs: address:netmask or address/cidr.

    Here are some examples of globbed addresses:

    • Numeric IPv4 address:

    • Globbed domain name *

    • Globbed numeric IPv4 address 10.1.2.*

    • Numeric IPv4 address:netmask

    • Numeric IPv4 address/CIDR

    • Numeric IPv6 address: 2000::56:789:21ff:fe8f:ba98

    • Numeric IPv6 address/CIDR: 2000::56:789:21ff:fe8f:ba98/120

Example—Defining FTP Server Classes

class  local  real,guest,anonymous *
class  remote real,guest,anonymous *

The previous example defines the local class as any user of the type real, guest, or anonymous who logs in from * The last line defines remote as any user who logs in from anywhere other than *