Related Resources • Linux Newbie Administrator Guide • 0. Linux Benefit • 1. Before Installation • 2. Linux Resources/Help • 3. Basic Operations FAQ • 4. Newbie Admin FAQ • ~ 4.1 Lilo • ~ 4.2 Drives • ~ 4.3 X-Windows • ~ 4.4 Configurations • ~ 4.5 Networking • 5. Shortcuts / Commands • 6. Linux Applications • 7. Learn Linux Commands • A. How to Upgrade Kernel?

4.5.8 Simple ftp server

With older my RedHat Linux distribution (RH<7.1),  setting up an ftp server could not be simpler--it just works out-of-box.  This is because the ftp service is enabled on default as one of the standard services (as is telnet and gopher), in the file /etc/inetd.conf. Here is the relevant part of my /etc/inted.conf:

ftp     stream  tcp     nowait  root    /usr/sbin/tcpd  in.ftpd -l -a
telnet  stream  tcp     nowait  root    /usr/sbin/tcpd  in.telnetd
gopher  stream  tcp     nowait  root    /usr/sbin/tcpd  gn

The second part of my ftp server setup is in the file /etc/passwd which defines the ftp account:

ftp:*:14:50:FTP User:/home/ftp:

The ":" is a field separator. The first field is the account (user) name "ftp", the "*" in the second field indicates that the password is disabled (nobody can login under the "ftp" user name), the user id is 14, group id is 50, "FTP User" is a comment, the home directory is /home/ftp, the last field is empty (for "normal" user accounts, it specifies the name of the shell for the user).

Because this setup was already done for me by RedHat,  anybody can ftp my computer and either login as a user (will be prompted for password and directed to his/her home directory), or login as "anonymous" and give his/her e-mail address as a password.  Any user can also enter something like this on the Netscape "location" line:

ftp://my_computer_name

and connect automatically (Netscape will take care of sending the "anonymous" user name and the e-mail address as password).

The "anonymous" ftp users are directed to the directory /home/ftp ,  which appears to be a root directory to them (they cannot access any directory above it). I put the files I want to serve in the subdirectory /home/ftp/pub .

The directory /home/ftp/bin contains the commands that the remote users are able to execute. On my system these are: compress, cpio, gzip, ls, sh, tar, zcat; all with execute-only (111) permissions.

The directory /home/ftp/etc contains the setup files necessary for the anonymous account to function (edited passwd, group, ld.so.cache). The directory /home/ftp/lib contains the libraries (I guess these libraries are used by the commands that the anonymous ftp users are allowed to run).

Red Hat 7.1 uses xinetd in place of the older inetd, and most of the network services are disabled on default. If you cannot telnet to yourself or another network service you need is disabled, you may want to inspect the files in the directory /etc/xinetd.d, and edit the file with the name of the service, so that it contains: disable = no . This is for for security reasons--you have to choose the services you need and enbable just those. Don't enable ftp unless you require it--ftp used to have quite a few security glitches in the past. If you enable network services, make sure you conservatively setup the files /etc/hosts.allow and /etc/host.deny for security.

Example file /etc/xinetd.d/tpfp showing the service disabled:
service tftp
{
        disable = yes
        socket_type             = dgram
        protocol                = udp
        wait                    = yes
        user                    = root
        server                  = /usr/sbin/in.tftpd
        server_args             = -s /tftpboot
}
If you don't have this file, do cat to see what services you installed. The daemon for most services will start automatically on system startup if this startup is enabled using command setup (as root).

Next > 4.5.9 How can one access my computer from the outside world when I am on the net using phone connection?