FTPD(8)                 UNIX System Manager's Manual                 FTPD(8)

NAME
     ftpd - Internet File Transfer Protocol server

SYNOPSIS
     ftpd [-a authmode] [-dilvU] [-g umask] [-p port] [-T maxtimeout]
          [-t timeout] [--gss-bindings] [-I | --no-insecure-oob]
          [-u default umask] [-B | --builtin-ls] [--good-chars=string]

DESCRIPTION
     Ftpd is the Internet File Transfer Protocol server process. The server
     uses the TCP protocol and listens at the port specified in the ``ftp''
     service specification; see services(5).

     -a      Select the level of authentication required. Kerberised login
             cannot be turned off. The default is to only allow kerberised
             login. Other possibilities can be turned on by giving a string
             of comma separated flags as argument to -a. Recognised flags
             are:

             plain   Allow logging in with plaintext password. The password
                     can be an OTP or an ordinary password.

             otp     Same as plain, but only OTP is allowed.

             ftp     Allow anonymous login.

             The following combination modes exist for backwards compatibili-

             none    Same as plain,ftp.

             safe    Same as ftp.

             user    Ignored.

     -d      Debugging information is written to the syslog using LOG_FTP.

     -g      Anonymous users will get a umask of umask.

     --gss-bindings
             require the peer to use GSS-API bindings (i.e. make sure IP ad-

     -i      Open a socket and wait for a connection. This is mainly used
             for debugging when ftpd isn't started by inetd.

     -l      Each successful and failed ftp(1) session is logged using
             syslog with a facility of LOG_FTP. If this option is specified
             twice, the retrieve (get), store (put), append, delete, make
             directory, remove directory and rename operations and their
             filename arguments are also logged.

     -p      Use port (a service name or number) instead of the default
             ftp/tcp.

     -T      A client may also request a different timeout period; the
             maximum period allowed may be set to timeout seconds with the
             -T option. The default limit is 2 hours.

     -t      The inactivity timeout period is set to timeout seconds (the de-

     -u      Set the initial umask to something else than the default 027.

     -U      In previous versions of ftpd, when a passive mode client
             requested a data connection to the server, the server would
             use data ports in the range 1024..4999. Now, by default, if
             the system supports the IP_PORTRANGE socket option, the server
             will use data ports in the range 49152..65535. Specifying this
             option will revert to the old behavior.

     -v      Verbose mode.

     -B, --builtin-ls
             use built-in ls to list files

     --good-chars=string
             allowed anonymous upload filename chars

     -I --no-insecure-oob
             don't allow insecure out of band. Heimdal ftp client before 0.7
             doesn't support secure oob, so turning on this option makes them

     The file /etc/nologin can be used to disable ftp access. If the file
     exists, ftpd displays it and exits. If the file /etc/ftpwelcome exists,
     ftpd prints it before issuing the ``ready'' message. If the file
     /etc/motd exists, ftpd prints it after a successful login.

     The ftp server currently supports the following ftp requests. The case
     of the requests is ignored.

           ABOR    abort previous command
           ACCT    specify account (ignored)
           ALLO    allocate storage (vacuously)
           APPE    append to a file
           CDUP    change to parent of current working directory
           CWD     change working directory
           HELP    give help information
           LIST    give list files in a directory (``ls -lgA'')
           MDTM    show last modification time of file
           MODE    specify data transfer mode
           NLST    give name list of files in directory
           PASS    specify password
           PASV    prepare for server-to-server transfer
           PORT    specify data connection port
           PWD     print the current working directory
           QUIT    terminate session
           REST    restart incomplete transfer
           RMD     remove a directory
           RNFR    specify rename-from file name
           RNTO    specify rename-to file name
           SITE    non-standard commands (see next section)
           SIZE    return size of file
           STAT    return status of server
           STOU    store a file with a unique name
           STRU    specify data transfer structure
           SYST    show operating system type of server system
           TYPE    specify data transfer type
           USER    specify user name
           XCUP    change to parent of current working directory
           XCWD    change working directory (deprecated)
           XMKD    make a directory (deprecated)
           XPWD    print the current working directory (deprecated)
           XRMD    remove a directory (deprecated)

     The following commands are specified by RFC2228.

           AUTH    authentication/security mechanism
           ADAT    authentication/security data
           PROT    data channel protection level
           PBSZ    protection buffer size
           MIC     integrity protected command
           CONF    confidentiality protected command
           ENC     privacy protected command
           CCC     clear command channel

     The following non-standard or UNIX specific commands are supported by the

           UMASK   change umask, (e.g. SITE UMASK 002)
           IDLE    set idle-timer, (e.g. SITE IDLE 60)
           CHMOD   change mode of a file (e.g. SITE CHMOD 755 filename)
           FIND    quickly find a specific file with GNU locate(1).
           HELP    give help information.

     The following Kerberos related site commands are understood.

           KAUTH   obtain remote tickets.
           KLIST   show remote tickets

     The remaining ftp requests specified in Internet RFC 959 are
     recognized, but not implemented. MDTM and SIZE are not specified in
     RFC 959, but will appear in the next updated FTP RFC.

     The ftp server will abort an active file transfer only when the ABOR
     command is preceded by a Telnet "Interrupt Process" (IP) signal and a
     Telnet "Synch" signal in the command Telnet stream, as described in
     Internet RFC 959. If a STAT command is received during a data transfer,
     preceded by a Telnet IP and Synch, transfer status will be returned.

     Ftpd interprets file names according to the ``globbing'' conventions
     used by csh(1). This allows users to use the metacharacters
     ``*?[]{}~''.

     Ftpd authenticates users according to these rules.

           1.   If Kerberos authentication is used, the user must pass valid
                tickets and the principal must be allowed to login as the re-

           2.   The login name must be in the password data base, and not
                have a null password (if Kerberos is used the password field
                is not checked). In this case a password must be provided by
                the client before any file operations may be performed. If
                the user has an OTP key, the response from a successful USER
                command will include an OTP challenge. The client may choose
                to respond with a PASS command giving either a standard
                password or an OTP one-time password. The server will
                automatically determine which type of password it has been
                given and attempt to authenticate accordingly. See otp(1)
                for more information on OTP authentication.

           3.   The login name must not appear in the file /etc/ftpusers.

           4.   The user must have a standard shell returned by

           5.   If the user name appears in the file /etc/ftpchroot the
                session's root will be changed to the user's login directory
                by chroot(2) as for an ``anonymous'' or ``ftp'' account (see
                next item). However, the user must still supply a password.
                This feature is intended as a compromise between a fully
                anonymous account and a fully privileged account. The
                account should also be set up as for an anonymous account.

           6.   If the user name is ``anonymous'' or ``ftp'', an anonymous
                ftp account must be present in the password file (user
                ``ftp''). In this case the user is allowed to log in by
                specifying any password (by convention an email address for
                the user should be used as the password).

     In the last case, ftpd takes special measures to restrict the client's
     access privileges. The server performs a chroot(2) to the home
     directory of the ``ftp'' user. In order that system security is not
     breached, it is recommended that the ``ftp'' subtree be constructed
     with care; consider following these guidelines for anonymous ftp.

     In general all files should be owned by ``root'', and have non-write
     permissions (644 or 755 depending on the kind of file). No files should
     be owned or writable by ``ftp'' (possibly with exception for the
     ~ftp/incoming, as specified below).

     ~ftp      The ``ftp'' home directory should be owned by root.

     ~ftp/bin  The directory for external programs (such as ls(1)). These
               programs must either be statically linked, or you must set up
               an environment for dynamic linking when running chrooted.
               These programs will be used if present:

               ls        Used when listing files.

                         When retrieving a filename that ends in .Z, and
                         that file isn't present, ftpd will try to find the
                         filename without .Z and com-

               gzip      Same as compress, just with files ending in

               gtar      Enables retrieval of whole directories as files
                         ending in .tar. Can also be combined with
                         compression. You must use GNU Tar (or some other
                         that supports the -z and -Z

               locate    Will enable ``fast find'' with the SITE FIND
                         command. You must also create a locatedb file in
                         ~ftp/etc.

     ~ftp/etc  If you put copies of the passwd(5) and group(5) files here,
               ls will be able to produce owner names rather than numbers.
               Remember to remove any passwords from these

               The file motd, if present, will be printed after a suc-

     ~ftp/dev  Put a copy of /dev/null(7) here.

     ~ftp/pub  Traditional place to put whatever you want to make pub-

     If you want guests to be able to upload files, create a ~ftp/incoming
     directory owned by ``root'', and group ``ftp'' with mode 730 (make sure
     ``ftp'' is member of group ``ftp''). The following restrictions apply to

     o   Directories created will have mode 700.

     o   Uploaded files will be created with an umask of 777, if not changed
         with the -g option.

     o   These commands are not accessible: DELE, RMD, RNTO, RNFR, SITE
         UMASK, and SITE CHMOD.

     o   Filenames must start with an alpha-numeric character, and consist
         of alpha-numeric characters or any of the following: + (plus),
         - (minus), = (equal), _ (underscore), . (period), and , (comma).
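
     The ownership and mode guidelines above can be checked mechanically.
     The script below is an added example, not part of ftpd or its
     distribution; the function names and the optional OWNER/GROUP
     arguments (defaulting to root and ftp) are assumptions of the example.

```shell
#!/bin/sh
# Added example: audit an anonymous-FTP tree against the guidelines above.
# Usage: audit_ftp_tree ROOT [OWNER] [GROUP]
# OWNER/GROUP default to root/ftp as the page recommends; they are
# parameters (an assumption of this example) so a test tree can be checked.

findings=0

# Run find with the given arguments; print and count every path it reports.
_ftp_check() {
    label=$1; shift
    if ! hits=$(find "$@"); then
        echo "could not complete check: $label"
        findings=$((findings + 1))
    fi
    [ -n "$hits" ] || return 0
    printf '%s\n' "$hits" | sed "s|^|$label: |"
    findings=$((findings + $(printf '%s\n' "$hits" | wc -l)))
}

audit_ftp_tree() {
    root=${1%/} owner=${2:-root} group=${3:-ftp}
    findings=0
    inc=$root/incoming

    # Outside incoming: every file and directory is owned by OWNER ...
    _ftp_check "not owned by $owner" "$root" -path "$inc" -prune -o \
        ! -user "$owner" -print
    # ... and nothing is group- or world-writable (644/755 style modes).
    # Symlinks are skipped because their own mode bits are meaningless.
    _ftp_check "group/world writable" "$root" -path "$inc" -prune -o \
        ! -type l \( -perm -020 -o -perm -002 \) -print
    # incoming, if present: owned OWNER:GROUP with mode exactly 730, so
    # guests can write and enter it but cannot list what others uploaded.
    if [ -d "$inc" ]; then
        _ftp_check "incoming is not $owner:$group mode 730" "$inc" -prune \
            \( ! -user "$owner" -o ! -group "$group" -o ! -perm 730 \) -print
    fi
    # Exit status 0 only when no guideline was violated.
    [ "$findings" -eq 0 ]
}
```

     Run it as `audit_ftp_tree ~ftp`; a non-zero exit status means at least
     one path was reported.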

     /etc/ftpusers    Access list for users.
     /etc/ftpchroot   List of normal users who should be chroot'd.
     /etc/ftpwelcome  Welcome notice.
     /etc/motd        Welcome notice after login.
     /etc/nologin     Displayed and access refused.
     ~/.klogin        Login access for Kerberos.

SEE ALSO
     ftp(1), otp(1), getusershell(3), ftpusers(5), syslogd(8)

STANDARDS
     RFC 959   FTP PROTOCOL SPECIFICATION
     RFC 1938  OTP Specification
     RFC 2228  FTP Security Extensions.

     The server must run as the super-user to create sockets with privileged
     port numbers. It maintains an effective user id of the logged in user,
     reverting to the super-user only when binding addresses to sockets. The
     possible security holes have been extensively scrutinized, but are possi-

HISTORY
     The ftpd command appeared in 4.2BSD.

4.2 Berkeley Distribution          July 19, 2003