1 .\" opieftpd.8: Manual page describing the FTP daemon.
3 .\" %%% portions-copyright-cmetz-98
4 .\" Portions of this software are Copyright 1998-1999 by Craig Metz, All Rights
5 .\" Reserved. The Inner Net License Version 2 applies to these portions of
7 .\" You should have received a copy of the license with this software. If
8 .\" you didn't get a copy, you may request one from <license@inner.net>.
11 .\" Portions of this software are Copyright 1995 by Randall Atkinson and Dan
12 .\" McDonald, All Rights Reserved. All Rights under this copyright are assigned
13 .\" to the U.S. Naval Research Laboratory (NRL). The NRL Copyright Notice and
14 .\" License Agreement applies to this software.
18 .\" Modified by cmetz for OPIE 2.4. Document -u option.
19 .\" Modified at NRL for OPIE 2.0.
20 .\" Originally from BSD.
24 .\" This manual page uses the BSD >= Net/2 "mandoc" macros and may not
25 .\" format properly on all systems.
27 .\" Copyright (c) 1985, 1988, 1991 The Regents of the University of California.
28 .\" All rights reserved.
30 .\" Redistribution and use in source and binary forms, with or without
31 .\" modification, are permitted provided that the following conditions
33 .\" 1. Redistributions of source code must retain the above copyright
34 .\" notice, this list of conditions and the following disclaimer.
35 .\" 2. Redistributions in binary form must reproduce the above copyright
36 .\" notice, this list of conditions and the following disclaimer in the
37 .\" documentation and/or other materials provided with the distribution.
38 .\" 3. All advertising materials mentioning features or use of this software
39 .\" must display the following acknowledgement:
40 .\" This product includes software developed by the University of
41 .\" California, Berkeley and its contributors.
42 .\" 4. Neither the name of the University nor the names of its contributors
43 .\" may be used to endorse or promote products derived from this software
44 .\" without specific prior written permission.
46 .\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
47 .\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
48 .\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
49 .\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
50 .\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
51 .\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
52 .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
53 .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
54 .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
55 .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
58 .\" @(#)opieopieftpd.8 6.9 (Berkeley) 3/16/91
60 .TH OPIEFTPD 8 "10 January 1995"
63 opieftpd \- File Transfer Protocol server that uses OPIE authentication
77 is the Internet File Transfer Protocol server process. The server uses the
78 TCP protocol and listens at the port specified in the ftp service
85 Debugging information is written to the system logs.
90 session is logged in the system logs.
93 The inactivity timeout period is set to
95 seconds (the default is 15 minutes).
98 A client may also request a different timeout period;
99 the maximum period allowed may be set to
103 option. The default limit is 2 hours.
105 Set the default umask value to
108 The ftp server currently supports the following ftp
109 requests; case is not distinguished:
114 ABOR abort previous command
115 ACCT specify account (ignored)
116 ALLO allocate storage (vacuously)
117 APPE append to a file
118 CDUP change to parent of current working directory
119 CWD change working directory
121 HELP give help information
122 LIST give a list of files in a directory
124 MDTM show last modification time of file
125 MODE specify data transfer mode
126 NLST give name list of files in directory
128 PASS specify password
129 PASV prepare for server-to-server transfer
130 PORT specify data connection port
131 PWD print the current working directory
132 QUIT terminate session
133 REST restart incomplete transfer
135 RMD remove a directory
136 RNFR specify rename-from file name
137 RNTO specify rename-to file name
138 SITE non-standard commands (see next section)
139 SIZE return size of file
140 STAT return status of server
142 STOU store a file with a unique name
143 STRU specify data transfer structure
144 SYST show operating system type of server system
145 TYPE specify data transfer type
146 USER specify user name
147 XCUP change to parent of current working directory (deprecated)
148 XCWD change working directory (deprecated)
149 XMKD make a directory (deprecated)
150 XPWD print the current working directory (deprecated)
151 XRMD remove a directory (deprecated)
154 The following non-standard or UNIX-specific commands are supported
160 UMASK change umask (e.g. SITE UMASK 002)
161 IDLE set idle-timer (e.g. SITE IDLE 60)
162 CHMOD change mode of a file (e.g. SITE CHMOD 755 file)
163 HELP give help information (e.g. SITE HELP)
166 The remaining ftp requests specified in Internet RFC-959 are
167 recognized, but not implemented.
169 MDTM and SIZE are not specified in RFC-959, but will appear
170 in the next updated FTP RFC.
172 The ftp server will abort an active file transfer only when the
173 ABOR command is preceded by a Telnet "Interrupt Process" (IP)
174 signal and a Telnet "Synch" signal in the command Telnet stream,
175 as described in Internet RFC-959.
176 If a STAT command is received during a data transfer, preceded by
177 a Telnet IP and Synch, transfer status will be returned.
179 interprets file names according to the globbing conventions used by
181 This allows users to utilize the metacharacters
185 authenticates users according to three rules:
187 The user name must be in the password data base,
189 and not have a null password. In this case, a password
190 must be provided by the client before any file operations
193 The user name must not appear in the file
196 The user must have a standard shell returned by
197 .IR getusershell (3).
203 an anonymous ftp account must be present in the password
206 In this case, the user is allowed to log in by specifying any
207 password (by convention, this is given as the client host's name).
211 takes special measures to restrict the client's access privileges.
212 The server performs a
214 command to the home directory of the
217 In order that system security is not breached, it is recommended
220 subtree be constructed with care; the following
221 rules are recommended:
225 Make the home directory owned by
227 and unwritable by anyone.
230 Make this directory owned by the super-user and unwritable by
233 must be present to support the LIST command. This
234 program should have mode 111.
237 Make this directory owned by the super-user and unwritable by
242 must be present for the
244 command to be able to produce owner names rather than numbers.
245 The password field in
247 is not used, and should not contain real encrypted passwords.
248 These files should be mode 444.
251 Make this directory mode 777 and owned by
253 Users should then place files which are to be accessible via the
254 anonymous account in this directory.
268 The anonymous account is inherently dangerous and should
269 avoided when possible. In
271 it is a compile-time option that should be disabled if it is not
273 The server must run as the super-user
274 to create sockets with privileged port numbers. It maintains
275 an effective user id of the logged in user, reverting to
276 the super-user only when binding addresses to sockets. The
277 possible security holes have been scrutinized, but are possibly incomplete.
282 command appeared in 4.2BSD.
285 Originally written for BSD,
287 was modified at NRL by Randall Atkinson, Dan McDonald, and Craig Metz to
288 support OTP authentication.
291 OPIE is discussed on the Bellcore "S/Key Users" mailing list. To join,
292 send an email request to:
294 skey-users-request@thumper.bellcore.com
nant's projects / dragonfly.git / blob