General Information
This guide describes the steps for both enabling and disabling anonymous FTP.
Requirements
- root access.
Configuration
All needed features are installed by default – only configuration is needed.
Enabling Anonymous FTP
Enabling anonymous FTP can be done during installation. If it must be done after the installation, do the following:
# sysinstall
Select Index
Select Anon FTP and when prompted, select yes.
The user id is 14 by default. The group is 5 (operators) by default. The home directory is /var/ftp by default. I like to put it in /usr/ftp. The Upload Subdirectory field is incoming by default. Leave the defaults or make any configuration changes if desired.
Sysinstall creates the user and the home directory but does not configure and enable inetd or set it to launch at startup. To configure inetd, edit the /etc/inetd.conf.
# ee /etc/inetd.conf
Find the following line
#ftp stream tcp nowait root /usr/libexec/ftpd ftpd -l
Remove the “#” character.
ftp stream tcp nowait root /usr/libexec/ftpd ftpd -l
ftp stream tcp nowait root /usr/libexec/ftpd ftpd -l -r
Start inetd
# inetd
# killall -HUP inetd
Edit /etc/rc.conf to start inetd.conf at startup.
# echo 'inetd_enable="YES"' >> /etc/rc.conf
Verify that inetd is running an open on port 21 with the following command.
# sockstat -4
Test the configuration by connecting via ftp.
Disabling Anomymous FTP
While sysinstall is easily used to enable anonymous ftp, it does not disable it. This must be done manually.
Remove the ftp user.
# rmuser ftp
# rmuser -y ftp
Disable ftp in inetd.conf
# ee /etc/inetd.conf
Find the following line
ftp stream tcp nowait root /usr/libexec/ftpd ftpd -l
Add the "#" character to the front of the line.
#ftp stream tcp nowait root /usr/libexec/ftpd ftpd -l
Restart inetd.
# killall -HUP inetd
Verify that inetd is no longer open on port 21 with the following command.
# sockstat -4
Anonymous ftp is now disabled.