remove gcc34

[dragonfly.git] / crypto / heimdal-0.6.3 / appl / ftp / ftpd / ftpd.cat8

FTPD(8)                  UNIX System Manager's Manual                  FTPD(8)

N\bNA\bAM\bME\bE
     f\bft\btp\bpd\bd - Internet File Transfer Protocol server

S\bSY\bYN\bNO\bOP\bPS\bSI\bIS\bS
     f\bft\btp\bpd\bd [-\b-a\ba _\ba_\bu_\bt_\bh_\bm_\bo_\bd_\be] [-\b-d\bdi\bil\blv\bvU\bU] [-\b-g\bg _\bu_\bm_\ba_\bs_\bk] [-\b-p\bp _\bp_\bo_\br_\bt] [-\b-T\bT _\bm_\ba_\bx_\bt_\bi_\bm_\be_\bo_\bu_\bt] [-\b-t\bt
     _\bt_\bi_\bm_\be_\bo_\bu_\bt] [-\b--\b-g\bgs\bss\bs-\b-b\bbi\bin\bnd\bdi\bin\bng\bgs\bs] [-\b-I\bI | -\b--\b-n\bno\bo-\b-i\bin\bns\bse\bec\bcu\bur\bre\be-\b-o\boo\bob\bb] [-\b-u\bu _\bd_\be_\bf_\ba_\bu_\bl_\bt _\bu_\bm_\ba_\bs_\bk] [-\b-B\bB
     | -\b--\b-b\bbu\bui\bil\blt\bti\bin\bn-\b-l\bls\bs] [-\b--\b-g\bgo\boo\bod\bd-\b-c\bch\bha\bar\brs\bs=\b=_\bs_\bt_\br_\bi_\bn_\bg]

D\bDE\bES\bSC\bCR\bRI\bIP\bPT\bTI\bIO\bON\bN
     F\bFt\btp\bpd\bd is the Internet File Transfer Protocol server process.  The server
     uses the TCP protocol and listens at the port specified in the ``ftp''
     service specification; see services(5).

     Available options:

     -\b-a\ba      Select the level of authentication required.  Kerberised login
             can not be turned off. The default is to only allow kerberised
             login.  Other possibilities can be turned on by giving a string
             of comma separated flags as argument to -\b-a\ba. Recognised flags are:

             _\bp_\bl_\ba_\bi_\bn  Allow logging in with plaintext password. The password can
                    be a(n) OTP or an ordinary password.

             _\bo_\bt_\bp    Same as _\bp_\bl_\ba_\bi_\bn, but only OTP is allowed.

             _\bf_\bt_\bp    Allow anonymous login.

             The following combination modes exists for backwards compatibili-
             ty:

             _\bn_\bo_\bn_\be   Same as _\bp_\bl_\ba_\bi_\bn_\b,_\bf_\bt_\bp.

             _\bs_\ba_\bf_\be   Same as _\bf_\bt_\bp.

             _\bu_\bs_\be_\br   Ignored.

     -\b-d\bd      Debugging information is written to the syslog using LOG_FTP.

     -\b-g\bg      Anonymous users will get a umask of _\bu_\bm_\ba_\bs_\bk.

     -\b--\b-g\bgs\bss\bs-\b-b\bbi\bin\bnd\bdi\bin\bng\bgs\bs
             require the peer to use GSS-API bindings (ie make sure IP ad-
             dresses match).

     -\b-i\bi      Open a socket and wait for a connection. This is mainly used for
             debugging when ftpd isn't started by inetd.

     -\b-l\bl      Each successful and failed ftp(1) session is logged using syslog
             with a facility of LOG_FTP.  If this option is specified twice,
             the retrieve (get), store (put), append, delete, make directory,
             remove directory and rename operations and their filename argu-
             ments are also logged.

     -\b-p\bp      Use _\bp_\bo_\br_\bt (a service name or number) instead of the default
             _\bf_\bt_\bp_\b/_\bt_\bc_\bp.

     -\b-T\bT      A client may also request a different timeout period; the maximum
             period allowed may be set to _\bt_\bi_\bm_\be_\bo_\bu_\bt seconds with the -\b-T\bT option.
             The default limit is 2 hours.

     -\b-t\bt      The inactivity timeout period is set to _\bt_\bi_\bm_\be_\bo_\bu_\bt seconds (the de-

             fault is 15 minutes).

     -\b-u\bu      Set the initial umask to something else than the default 027.

     -\b-U\bU      In previous versions of f\bft\btp\bpd\bd, when a passive mode client request-
             ed a data connection to the server, the server would use data
             ports in the range 1024..4999.  Now, by default, if the system
             supports the IP_PORTRANGE socket option, the server will use data
             ports in the range 49152..65535.  Specifying this option will re-
             vert to the old behavior.

     -\b-v\bv      Verbose mode.

     -\b-B\bB, -\b--\b-b\bbu\bui\bil\blt\bti\bin\bn-\b-l\bls\bs
             use built-in ls to list files

     -\b--\b-g\bgo\boo\bod\bd-\b-c\bch\bha\bar\brs\bs=\b=_\bs_\bt_\br_\bi_\bn_\bg
             allowed anonymous upload filename chars

     -\b-I\bI -\b--\b-n\bno\bo-\b-i\bin\bns\bse\bec\bcu\bur\bre\be-\b-o\boo\bob\bb
             don't allow insecure out of band.  Heimdal ftp client before 0.7
             doesn't support secure oob, so turning on this options makes them
             no longer work.

     The file _\b/_\be_\bt_\bc_\b/_\bn_\bo_\bl_\bo_\bg_\bi_\bn can be used to disable ftp access.  If the file ex-
     ists, f\bft\btp\bpd\bd displays it and exits.  If the file _\b/_\be_\bt_\bc_\b/_\bf_\bt_\bp_\bw_\be_\bl_\bc_\bo_\bm_\be exists,
     f\bft\btp\bpd\bd prints it before issuing the ``ready'' message.  If the file
     _\b/_\be_\bt_\bc_\b/_\bm_\bo_\bt_\bd exists, f\bft\btp\bpd\bd prints it after a successful login.

     The ftp server currently supports the following ftp requests.  The case
     of the requests is ignored.

           Request    Description
           ABOR       abort previous command
           ACCT       specify account (ignored)
           ALLO       allocate storage (vacuously)
           APPE       append to a file
           CDUP       change to parent of current working directory
           CWD        change working directory
           DELE       delete a file
           HELP       give help information
           LIST       give list files in a directory (``ls -lgA'')
           MKD        make a directory
           MDTM       show last modification time of file
           MODE       specify data transfer _\bm_\bo_\bd_\be
           NLST       give name list of files in directory
           NOOP       do nothing
           PASS       specify password
           PASV       prepare for server-to-server transfer
           PORT       specify data connection port
           PWD        print the current working directory
           QUIT       terminate session
           REST       restart incomplete transfer
           RETR       retrieve a file
           RMD        remove a directory
           RNFR       specify rename-from file name
           RNTO       specify rename-to file name
           SITE       non-standard commands (see next section)
           SIZE       return size of file
           STAT       return status of server
           STOR       store a file
           STOU       store a file with a unique name
           STRU       specify data transfer _\bs_\bt_\br_\bu_\bc_\bt_\bu_\br_\be
           SYST       show operating system type of server system


           TYPE       specify data transfer _\bt_\by_\bp_\be
           USER       specify user name
           XCUP       change to parent of current working directory
                      (deprecated)
           XCWD       change working directory (deprecated)
           XMKD       make a directory (deprecated)
           XPWD       print the current working directory (deprecated)
           XRMD       remove a directory (deprecated)

     The following commands are specified by RFC2228.

           AUTH       authentication/security mechanism
           ADAT       authentication/security data
           PROT       data channel protection level
           PBSZ       protection buffer size
           MIC        integrity protected command
           CONF       confidentiality protected command
           ENC        privacy protected command
           CCC        clear command channel

     The following non-standard or UNIX specific commands are supported by the
     SITE request.

           UMASK      change umask, (e.g. S\bSI\bIT\bTE\bE U\bUM\bMA\bAS\bSK\bK 0\b00\b02\b2)
           IDLE       set idle-timer, (e.g. S\bSI\bIT\bTE\bE I\bID\bDL\bLE\bE 6\b60\b0)
           CHMOD      change mode of a file (e.g. S\bSI\bIT\bTE\bE C\bCH\bHM\bMO\bOD\bD 7\b75\b55\b5 f\bfi\bil\ble\ben\bna\bam\bme\be)
           FIND       quickly find a specific file with GNU locate(1).
           HELP       give help information.

     The following Kerberos related site commands are understood.

           KAUTH      obtain remote tickets.
           KLIST      show remote tickets

     The remaining ftp requests specified in Internet RFC 959 are recognized,
     but not implemented.  MDTM and SIZE are not specified in RFC 959, but
     will appear in the next updated FTP RFC.

     The ftp server will abort an active file transfer only when the ABOR com-
     mand is preceded by a Telnet "Interrupt Process" (IP) signal and a Telnet
     "Synch" signal in the command Telnet stream, as described in Internet RFC
     959.  If a STAT command is received during a data transfer, preceded by a
     Telnet IP and Synch, transfer status will be returned.

     F\bFt\btp\bpd\bd interprets file names according to the ``globbing'' conventions used
     by csh(1).  This allows users to use the metacharacters ``*?[]{}~''.

     F\bFt\btp\bpd\bd authenticates users according to these rules.

           1.   If Kerberos authentication is used, the user must pass valid
                tickets and the principal must be allowed to login as the re-
                mote user.

           2.   The login name must be in the password data base, and not have
                a null password (if Kerberos is used the password field is not
                checked).  In this case a password must be provided by the
                client before any file operations may be performed.  If the
                user has an OTP key, the response from a successful USER com-
                mand will include an OTP challenge. The client may choose to
                respond with a PASS command giving either a standard password
                or an OTP one-time password. The server will automatically de-
                termine which type of password it has been given and attempt
                to authenticate accordingly. See otp(1) for more information
                on OTP authentication.


           3.   The login name must not appear in the file _\b/_\be_\bt_\bc_\b/_\bf_\bt_\bp_\bu_\bs_\be_\br_\bs.

           4.   The user must have a standard shell returned by
                getusershell(3).

           5.   If the user name appears in the file _\b/_\be_\bt_\bc_\b/_\bf_\bt_\bp_\bc_\bh_\br_\bo_\bo_\bt the ses-
                sion's root will be changed to the user's login directory by
                chroot(2) as for an ``anonymous'' or ``ftp'' account (see next
                item).  However, the user must still supply a password.  This
                feature is intended as a compromise between a fully anonymous
                account and a fully privileged account.  The account should
                also be set up as for an anonymous account.

           6.   If the user name is ``anonymous'' or ``ftp'', an anonymous ftp
                account must be present in the password file (user ``ftp'').
                In this case the user is allowed to log in by specifying any
                password (by convention an email address for the user should
                be used as the password).

     In the last case, f\bft\btp\bpd\bd takes special measures to restrict the client's
     access privileges.  The server performs a chroot(2) to the home directory
     of the ``ftp'' user.  In order that system security is not breached, it
     is recommended that the ``ftp'' subtree be constructed with care, consid-
     er following these guidelines for anonymous ftp.

     In general all files should be owned by ``root'', and have non-write per-
     missions (644 or 755 depending on the kind of file). No files should be
     owned or writable by ``ftp'' (possibly with exception for the
     _\b~_\bf_\bt_\bp_\b/_\bi_\bn_\bc_\bo_\bm_\bi_\bn_\bg, as specified below).

           _\b~_\bf_\bt_\bp      The ``ftp'' homedirectory should be owned by root.

           _\b~_\bf_\bt_\bp_\b/_\bb_\bi_\bn  The directory for external programs (such as ls(1)).
                     These programs must either be statically linked, or you
                     must setup an environment for dynamic linking when run-
                     ning chrooted.  These programs will be used if present:

                           ls      Used when listing files.

                           compress
                                   When retrieving a filename that ends in _\b._\bZ,
                                   and that file isn't present, f\bft\btp\bpd\bd will try
                                   to find the filename without _\b._\bZ and com-
                                   press it on the fly.

                           gzip    Same as compress, just with files ending in
                                   _\b._\bg_\bz.

                           gtar    Enables retrieval of whole directories as
                                   files ending in _\b._\bt_\ba_\br. Can also be combined
                                   with compression. You must use GNU Tar (or
                                   some other that supports the -\b-z\bz and -\b-Z\bZ
                                   flags).

                           locate  Will enable ``fast find'' with the S\bSI\bIT\bTE\bE
                                   F\bFI\bIN\bND\bD command. You must also create a
                                   _\bl_\bo_\bc_\ba_\bt_\be_\bd_\bb file in _\b~_\bf_\bt_\bp_\b/_\be_\bt_\bc.

           _\b~_\bf_\bt_\bp_\b/_\be_\bt_\bc  If you put copies of the passwd(5) and group(5) files
                     here, ls will be able to produce owner names rather than
                     numbers. Remember to remove any passwords from these
                     files.

                     The file _\bm_\bo_\bt_\bd, if present, will be printed after a suc-


                     cessful login.

           _\b~_\bf_\bt_\bp_\b/_\bd_\be_\bv  Put a copy of /dev/null(7) here.

           _\b~_\bf_\bt_\bp_\b/_\bp_\bu_\bb  Traditional place to put whatever you want to make pub-
                     lic.

     If you want guests to be able to upload files, create a _\b~_\bf_\bt_\bp_\b/_\bi_\bn_\bc_\bo_\bm_\bi_\bn_\bg di-
     rectory owned by ``root'', and group ``ftp'' with mode 730 (make sure
     ``ftp'' is member of group ``ftp''). The following restrictions apply to
     anonymous users:

     +\b+\bo\bo   Directories created will have mode 700.

     +\b+\bo\bo   Uploaded files will be created with an umask of 777, if not changed
         with the -\b-g\bg option.

     +\b+\bo\bo   These command are not accessible: D\bDE\bEL\bLE\bE, R\bRM\bMD\bD, R\bRN\bNT\bTO\bO, R\bRN\bNF\bFR\bR, S\bSI\bIT\bTE\bE U\bUM\bMA\bAS\bSK\bK,
         and S\bSI\bIT\bTE\bE C\bCH\bHM\bMO\bOD\bD.

     +\b+\bo\bo   Filenames must start with an alpha-numeric character, and consist of
         alpha-numeric characters or any of the following: + (plus), - (mi-
         nus), = (equal), _ (underscore), . (period), and , (comma).

F\bFI\bIL\bLE\bES\bS
     /etc/ftpusers    Access list for users.
     /etc/ftpchroot   List of normal users who should be chroot'd.
     /etc/ftpwelcome  Welcome notice.
     /etc/motd        Welcome notice after login.
     /etc/nologin     Displayed and access refused.
     ~/.klogin        Login access for Kerberos.

S\bSE\bEE\bE A\bAL\bLS\bSO\bO
     ftp(1),  otp(1),  getusershell(3),  ftpusers(5),  syslogd(8)

S\bST\bTA\bAN\bND\bDA\bAR\bRD\bDS\bS
     R\bRF\bFC\bC 9\b95\b59\b9   FTP PROTOCOL SPECIFICATION
     R\bRF\bFC\bC 1\b19\b93\b38\b8  OTP Specification
     R\bRF\bFC\bC 2\b22\b22\b28\b8  FTP Security Extensions.

B\bBU\bUG\bGS\bS
     The server must run as the super-user to create sockets with privileged
     port numbers.  It maintains an effective user id of the logged in user,
     reverting to the super-user only when binding addresses to sockets.  The
     possible security holes have been extensively scrutinized, but are possi-
     bly incomplete.

H\bHI\bIS\bST\bTO\bOR\bRY\bY
     The f\bft\btp\bpd\bd command appeared in 4.2BSD.

4.2 Berkeley Distribution        July 19, 2003                               5