Museum

Home

Lab Overview

Retrotechnology Articles

Online Manuals

⇒ ftpd.deny(4M) — DG/UX R4.11MU05

Media Vault

Software Library

Restoration Projects

Artifacts Sought

Related Articles

ftp(1C)

ftpd(1M)

passwd(4)



ftpd.deny(4M)                  DG/UX R4.11MU05                 ftpd.deny(4M)


NAME
       ftpd.allow, ftpd.deny - FTP service access configuration files.

DESCRIPTION
       The ftpd.allow and ftpd.deny files, located in the /etc directory,
       allow system administrators to configure File Transfer Protocol (FTP)
       access on their systems.

       If the file /etc/ftpd.allow exists, only those usernames listed in it
       are allowed access to this FTP server.  If it does not exist, all
       usernames except those listed in /etc/ftpd.deny will be allowed
       access.  Additionally, these files may contain configuration
       information which grants (or denies) FTP service access for users on
       specific hosts or networks.  Access is validated by checking
       /etc/ftpd.allow first followed by /etc/ftpd.deny.  Note that it is
       possible to grant service access to an account in the allow file only
       to subsequently deny service access to it in the deny file.


       /etc/ftpd.allow
                 This file lists usernames which are allowed FTP service.
                 Additionally, each record may contain network/netmask and
                 per-user configuration information.  The /etc/ftpd.allow
                 file format is as follows:

                           username [network [netmask]] : maxsess timeout
                           maxtimeout umask

                 Where:

                 username  is a valid username as specified by /etc/passwd
                           or NIS.  The '+' wildcard symbol may be used to
                           specify all usernames.

                 network   is a dotted quad IP address which specifies
                           networks (or hosts) to which access is allowed.
                           If unspecified, FTP service access is granted to
                           username from all hosts/networks.

                 netmask   is a dotted quad IP address mask which is
                           logically and'ed with network to specify a range
                           of addresses which are allowed FTP service.

                 max_sess  is the number of concurrent ftp connections
                           allowed for the username.  If '-' is specified,
                           max concurrent sessions for the username is as
                           defined globally by the ftpd '-s' switch.

                 timeout   is a number specifying the inactivity time-out
                           period (in secs) for the username.  If '-' is
                           specified, the timeout value for username is as
                           defined globally by the ftpd '-t' switch.

                 maxtimeout
                           is a number specifying the maximum inactivity
                           time-out period (in secs) the user may specify
                           via the ftpd 'SITE IDLE' command.  If '-' is
                           specified, the max-timeout value for the username
                           is as defined globally by the ftpd '-T' switch.

                 umask     is an octal number specifying the default umask
                           for the username.  If '-' is specified, the
                           default umask value for the username is as
                           defined globally by the ftpd '-u' (or '-U')
                           switch.


       /etc/ftpd.deny
                 This file lists usernames (and alternatively
                 hosts/networks) which are denied FTP service.  The
                 /etc/ftpd.deny file format is as follows:

                           username [network [netmask]]

                 Where:

                 username  is a valid username as specified by /etc/passwd
                           or NIS.  The '+' wildcard symbol may be used to
                           specify all usernames.

                 network   is a dotted quad IP address which specifies
                           networks (or hosts) to which access is denied.
                           If unspecified, FTP service access is denied to
                           username from all hosts/networks.

                 netmask   is a dotted quad IP address mask which is
                           logically and'ed with network to specify a range
                           of addresses which are denied FTP service.

       If an administrator wants to allow FTP access to a limited number of
       users, those user's login names may be entered into the ftpd.allow
       file.  When that user attempts to ftp(1C) into the system, ftpd(1M)
       scans the ftpd.allow file, finds the user's login name, and allows
       access to that user.  If ftpd(1M) is unable to find the user's login
       name, FTP access is denied for that user.

       If the ftpd.allow file does not exist, ftpd(1M) will assume that
       access is allowed for all users except those listed in ftpd.deny.

       FTP access may be denied to a particular user by entering that user's
       login name into the ftpd.deny file.  When that user attempts to
       ftp(1C) into the system, ftpd(1M) scans the ftpd.deny file, finds the
       user's login name, and denies access to that user.

EXAMPLES
       All users on machines located on the 128.222.8 network may be granted
       FTP access to the ftp server by specifying '+ 128.222.8.0
       255.255.255.0' in the /etc/ftpd.allow file.  Anonymous FTP access
       from anywhere and normal user access from only the 128.222.0.0
       network may be granted by specifying the records 'ftp' and '+
       128.222.0.0 255.255.0.0' in the /etc/ftpd.allow file.

FILES
       /etc/ftpd.allow
       /etc/ftpd.deny

SEE ALSO
       ftp(1C), ftpd(1M), passwd(4).


Licensed material--property of copyright holder(s)

Typewritten Software • bear@typewritten.org • Edmonds, WA 98026