Go to main content
Oracle® ZFS Storage Appliance Security Guide, Release OS8.7.0

Exit Print View

Updated: July 2017

FTP Data Service

FTP allows filesystem access from FTP clients. The FTP service does not allow anonymous logins, and users must authenticate with the configured name service.

FTP supports the following security settings. These settings are shared for all filesystems for which the FTP protocol access is enabled:

  • Enable SSL/TLS - Allows SSL/TLS-encrypted FTP connections and ensures that the FTP transaction is encrypted. This is disabled by default. The FTP server uses either a self-signed security certificate or a customer-supplied certificate.

  • Permit Root Login - Allows FTP logins for the root user. This is off by default because FTP authentication uses plain text, which poses a security risk from network sniffing attacks.

  • Maximum Number of Allowable Login Attempts - The number of failed login attempts before an FTP connection is disconnected, and the user must reconnect to try again. The default is 3.

  • Logging Level - The verbosity of the log.

FTP supports the following logs:

  • proftpd - FTP events, including successful and unsuccessful login attempts

  • proftpd_xfer - File transfer log

  • proftpd_tls - FTP events related to SSL/TLS encryption