DARPA internet file transfer protocol daemon (UNIX)
ftpd [-AdHklru] [-a anondir] [-c confdir] [-h hostname] [-V version]
|The current npm-ttcpip.so doesn't support keepalive.|
The ftpd daemon is a DARPA Internet File Transfer Protocol server. It uses the TCP protocol.
The ftpd daemon is started when inetd receives a service request at the port specified by the FTP entry in the /etc/services file (inetd listens for service requests specified in the /etc/inetd.conf file at a port defined in the services file).
|Since stdin and stdout must be TCP sockets, you should launch the ftpd daemon from the inetd daemon or from a similar application. It can't be started on the command line.|
The ftpd daemon checks for the existence of the following files. If a file exists, the appropriate action is performed.
|If this file exists:||Then ftpd:|
|/etc/ftpwelcome||Prints the contents of this file before the "FTP Ready" message is issued.|
|/etc/motd||Prints the contents of this file after a successful login. (This may be changed with the /etc/ftpd.conf directive upload.)|
|/etc/nologin||Disables FTP access and displays the contents of this file before exiting.|
The ftpd daemon currently supports the following ftp requests; case isn't distinguished.
|ABOR||Abort previous command|
|ACCT||Specify account (ignored)|
|APPE||Append to a file|
|CDUP||Change to parent of current working directory|
|CWD||Change working directory|
|DELE||Delete a file|
|EPSV||Prepare for server-to-server transfer|
|EPRT||Specify data connection port|
|FEAT||List extra features that aren't defined in RFC 959|
|HELP||Give help information|
|LIST||List files in a directory (ls -l)|
|LPSV||Prepare for server-to-server transfer|
|LPRT||Specify data connection port|
|MLSD||List contents of directory in a machine-processable form|
|MLST||Show a pathname in a machine-processable form|
|MKD||Make a directory|
|MDTM||Show last modification time of file|
|MODE||Specify data transfer mode|
|NLST||Give name list of files in directory|
|OPTS||Define persistent options for a given command|
|PASV||Prepare for server-to-server transfer|
|PORT||Specify data connection port|
|PWD||Print the current working directory|
|QUIT||Terminate a session|
|REIN||Terminate a user (ignored)|
|REST||Restart incomplete transfer|
|RETR||Retrieve a file|
|RMD||Remove a directory|
|RNFR||Specify rename-from filename|
|RNTO||Specify rename-to filename|
|SITE||Nonstandard commands (see the next section)|
|SIZE||Return size of file|
|SMNT||Mount a different filesystem data structure (ignored)|
|STAT||Return status of server|
|STOR||Store a file|
|STOU||Store a file with a unique name|
|STRU||Specify data transfer structure|
|SYST||Show operating system type of server system|
|TYPE||Specify data transfer type|
|XCUP||Change to parent of current working directory (deprecated)|
|XCWD||Change working directory (deprecated)|
|XMKD||Make a directory (deprecated)|
|XPWD||Print the current working directory (deprecated)|
|XRMD||Remove a directory (deprecated)|
|The following FTP requests (as specified in RFC 959) are recognized,
but aren't implemented: ACCT, REIN, and SMNT.
The MDTM and SIZE requests aren't specified in RFC 959, but will appear in the next RFC update.
The ftp daemon aborts an active file transfer only when the ABOR command is preceded by a Telnet "Interrupt Process" (IP) signal and by a Telnet "Synch" signal in the command Telnet stream, as described in Internet RFC 959. If a STAT command is received during a data transfer and is preceded by a Telnet IP and Synch, transfer status is returned.
The following nonstandard or UNIX-specific commands are supported by the SITE request:
|CHMOD||Change the mode of a file (e.g. SITE CHMOD 755 filename)|
|HELP||Give help information (e.g. SITE HELP)|
|IDLE||Set the idle-timer (e.g. SITE IDLE 60)|
|RATEGET||Set the maximum get rate throttle in bytes/second, e.g. SITE RATEGET 5k|
|RATEPUT||Set the maximum put rate throttle in bytes/second, e.g. SITE RATEPUT 5k|
|UMASK||Change the umask (e.g. SITE UMASK 002)|
Because the ftpd daemon interprets filenames according to the globbing conventions used by sh, users can employ these metacharacters:
* ? [ ] ~
The ftpd daemon authenticates users according to these rules:
The server performs a chroot() to the directory specified in the /etc/ftpd.conf chroot directive (if set), the -a anondir directory (if set), or to the home directory of the ftp user.
The server then performs a chdir() to the directory specified in the /etc/ftpd.conf homedir directive (if set), otherwise to /.
If other restrictions are required (such as disabling of certain commands and the setting of a specific umask), then appropriate entries in /etc/ftpd.conf are required.
If the first character of the password supplied by an anonymous user is -, then the verbose messages displayed at login and upon a CWD command are suppressed.
When ftpd displays various files back to the client (such as /etc/ftpwelcome and /etc/motd), various escape strings are replaced with information pertinent to the current connection.
The supported escape strings are:
|%C||Current working directory|
|%M||Maximum number of users for this class. Displays "unlimited" if there's no limit.|
|%N||Current number of users for this class|
|%%||A "%" character|
So that system security isn't breached, it's recommended that the ftp subtree be constructed with care; the following rules are recommended:
# cd ~ftp # mkdir -m0555 usr # chown root:root usr # mkdir -m0555 usr/lib # chown root:root usr/lib # cd usr/lib # cp /lib/libc.so.2 . # chmod 0555 libc.so.2 # chown root:root libc.so.2 # ln -s libc.so.2 ldqnx.so.2
Anonymous users are able to upload files to this directory, but they're unable to download them, delete them, or overwrite them due to the umask and disabling of the commands mentioned above.
Don't create this directory if you don't want to enable conversion commands or don't want to allow anonymous users uploading files here (see ~ftp/incoming above). Error messages from conversion or LIST commands won't be returned to the user. (This is the traditional behaviour.) The /etc/ftpd.conf upload directive can be used to prevent users uploading here.
To set up "ftp-only" accounts to provide FTP only with no valid shell login, you can:
This allows you to log in via FTP into accounts that have /sbin/ftplogin as the login shell.
RFC 959 provides no restrictions on the PORT command, and this can lead to security problems since ftpd can be fooled into connecting to any service on any host. If the checkportcmd directive of /etc/ftpd.conf is specified, PORT commands with different host addresses, or TCP ports lower than IPPORT_RESERVED, are rejected. This option prevents "third-party proxy ftp" from working. Use of this option is strongly recommended, and is enabled by default.
By default ftpd uses a port that is one less than the port it is listening on to communicate back to the client for the EPRT, LPTR, and PORT commands. As the default port for ftpd is a privileged port below IPPORT_RESERVED, ftpd retains the ability to switch back to root privileges to bind these ports. In order to increase security by reducing the potential for a bug in ftpd providing a remote root compromise, ftpd permanently drops root privileges if one of the following is true:
Don't create ~ftp/tmp if you don't want anonymous users to upload files there. The directory is necessary only if you want to display the error messages of conversion commands to the user. If uploads are disabled with the /etc/ftpd.conf directive upload, then this directory cannot be abused by the user in this way, so it should be safe to create.
The ftpd daemon requires the libsocket.so shared library.
The server must run as the superuser to create sockets with privileged port numbers. It maintains an effective user ID of the logged-in user, reverting to the superuser only when binding addresses to sockets. The possible security holes have been extensively scrutinized, but are possibly incomplete.
If the pipe manager isn't running, LIST and other commands may not be available.
ftp, /etc/ftpchroot, /etc/ftpd.conf, ftpusers, inetd, tftpd, pipe, syslogd
TCP/IP Networking in the Neutrino User's Guide
RFC 959, RFC 1123, RFC 2389, RFC 2428