RedHat 7.3 FTP Question
Results 1 to 4 of 4

Thread: RedHat 7.3 FTP Question

  1. #1
    Member
    Join Date
    Feb 2002
    Posts
    83

    Question RedHat 7.3 FTP Question

    Greets.
    I have just reinstalled RedHat 7.3 and it's textmode only. Therefore I was wondering if anyone could tell me how to config the FTP daemon because I have no idea. Also I've looked over a bunch of web sites (including redhat.com) but they all refer to Gnome or KDE. Needless to say, this doesn't help me very much.

    So then I was wondering if anyone could help me out?
    Thanks.
    To be God is to be Root, if someone is erking you just type: rm -d /home/heathen

  2. #2
    Senior Member
    Join Date
    Jul 2001
    Posts
    461
    ok, you need to configure access to the ftp service by editing the file /etc/ftpaccess

    This will let you determine who/when/what people can access. If you are configuring anonymous ftp, I think there is another rpm in RH 7.3(called anonftp-version_numbers_here.i386.rpm which will setup a number of the different things you need to do, including the chroot jail, and the environment that needs to be created there so that users can perform some commands.

    If it is not anonymous, you will need to disable anonymous access in the ftpaccess file.

    here is a sample ftpaccess file, which was created using the KDE wu_ftpd configuration app.... it denies anonymous access, and does not allow anonymous logins(although the configuration file is obscure enough that I don't understand why). This file is not a "secure" production ready config, it is just one that works, who knows how well.

    #############################################
    # This file was generated by the KDE wu-ftpd configurator.
    # (c) 2000 by Bernhard Rosenkr?nzer (bero@redhat.com)
    class all guest,real *
    noretrieve
    loginfails 5
    private no
    email admin@no-place.com
    message /welcome.msg LOGIN
    message .message CWD=*
    readme README* LOGIN
    readme README* CWD=*
    chmod no anonymous,guest
    delete no anonymous
    overwrite no anonymous
    rename no anonymous
    passwd-check rfc822 warn
    log commands anonymous,guest,real
    log transfers anonymous,guest,real inbound
    log transfers anonymous,guest,real outbound
    #######################################
    Once you have that file configured, you will need to run

    chkconfig wu_ftpd on

    In order that xinetd(or inetd, I forget) will listen for connections on port 21, and start the ftp service as required.

    wu_ftp has had some security issues in the past, and, redhat moved to vsftp(I think) with redhat 8.0, so you might want to consider removing wu_ftp and getting the rpm for vsftp. Unfortunately, I can't help you configure vsftpd, as I have not installed it on any machines I have access to atm.

    Also, I would recommend that you not install ftp service at all, unless you absolutely positively have no choice. secure shell will handle secure connections from several utilites for secure remote file transfer. FTP is mostly a big gaping security hole, and I only use it when I have no choice. Of course, you could also add some encryption to regular ftp, but, that does not address many of the security issues with ftp, which(except for plain text passwords) arise after connection to the server.

  3. #3
    Senior Member
    Join Date
    Apr 2002
    Posts
    634
    I know it is obvious and that I should not bother you with such a question but: Have you tried the simple "man ftpd" command?
    There are a bunch of useful informations in order to start you can find with it.
    Life is boring. Play NetHack... --more--

  4. #4
    Senior Member
    Join Date
    Oct 2001
    Posts
    638
    Greets.
    I have just reinstalled RedHat 7.3 and it's textmode only. Therefore I was wondering if anyone could tell me how to config the FTP daemon because I have no idea. Also I've looked over a bunch of web sites (including redhat.com) but they all refer to Gnome or KDE. Needless to say, this doesn't help me very much.
    The FTP daemon that comes with Redhat 7.3 is wu-ftpd which has had problems in the past with security. There have been multiple buffer overflows and other vulnerabilities found in the source. I'd like to shamelessly plug proftpd, which was specifically designed with security in mind. It's also very easy to configure. The config file is based on the apache httpd configuration file so it's easy to figure out. Check out the website here.
    OpenBSD - The proactively secure operating system.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •