Provided by: heimdal-servers_1.6~git20120311.dfsg.1-2_i386 bug


     ftpd -- Internet File Transfer Protocol server


     ftpd [-a authmode] [-dilvU] [-g umask] [-p port] [-T maxtimeout]
          [-t timeout] [--gss-bindings] [-I | --no-insecure-oob]
          [-u default umask] [-B | --builtin-ls] [--good-chars=string]


     Ftpd is the Internet File Transfer Protocol server process.  The server
     uses the TCP protocol and listens at the port specified in the ``ftp''
     service specification; see services(5).

     Available options:

     -a      Select the level of authentication required.  Kerberised login
             can not be turned off. The default is to only allow kerberised
             login.  Other possibilities can be turned on by giving a string
             of comma separated flags as argument to -a.  Recognised flags

             plain  Allow logging in with plaintext password. The password can
                    be a(n) OTP or an ordinary password.

             otp    Same as plain, but only OTP is allowed.

             ftp    Allow anonymous login.

             The following combination modes exists for backwards

             none   Same as plain,ftp.

             safe   Same as ftp.

             user   Ignored.

     -d      Debugging information is written to the syslog using LOG_FTP.

     -g      Anonymous users will get a umask of umask.

             require the peer to use GSS-API bindings (ie make sure IP
             addresses match).

     -i      Open a socket and wait for a connection. This is mainly used for
             debugging when ftpd isn't started by inetd.

     -l      Each successful and failed ftp(1) session is logged using syslog
             with a facility of LOG_FTP.  If this option is specified twice,
             the retrieve (get), store (put), append, delete, make directory,
             remove directory and rename operations and their filename
             arguments are also logged.

     -p      Use port (a service name or number) instead of the default

     -T      A client may also request a different timeout period; the maximum
             period allowed may be set to timeout seconds with the -T option.
             The default limit is 2 hours.

     -t      The inactivity timeout period is set to timeout seconds (the
             default is 15 minutes).

     -u      Set the initial umask to something else than the default 027.

     -U      In previous versions of ftpd, when a passive mode client
             requested a data connection to the server, the server would use
             data ports in the range 1024..4999.  Now, by default, if the
             system supports the IP_PORTRANGE socket option, the server will
             use data ports in the range 49152..65535.  Specifying this option
             will revert to the old behavior.

     -v      Verbose mode.

     -B, --builtin-ls
             use built-in ls to list files

             allowed anonymous upload filename chars

     -I --no-insecure-oob
             don't allow insecure out of band.  Heimdal ftp clients before
             0.6.3 doesn't support secure oob, so turning on this option makes
             them no longer work.

     The file /etc/nologin can be used to disable ftp access.  If the file
     exists, ftpd displays it and exits.  If the file /etc/ftpwelcome exists,
     ftpd prints it before issuing the ``ready'' message.  If the file
     /etc/motd exists, ftpd prints it after a successful login.

     The ftp server currently supports the following ftp requests.  The case
     of the requests is ignored.

           Request    Description
           ABOR       abort previous command
           ACCT       specify account (ignored)
           ALLO       allocate storage (vacuously)
           APPE       append to a file
           CDUP       change to parent of current working directory
           CWD        change working directory
           DELE       delete a file
           HELP       give help information
           LIST       give list files in a directory (``ls -lgA'')
           MKD        make a directory
           MDTM       show last modification time of file
           MODE       specify data transfer mode
           NLST       give name list of files in directory
           NOOP       do nothing
           PASS       specify password
           PASV       prepare for server-to-server transfer
           PORT       specify data connection port
           PWD        print the current working directory
           QUIT       terminate session
           REST       restart incomplete transfer
           RETR       retrieve a file
           RMD        remove a directory
           RNFR       specify rename-from file name
           RNTO       specify rename-to file name
           SITE       non-standard commands (see next section)
           SIZE       return size of file
           STAT       return status of server
           STOR       store a file
           STOU       store a file with a unique name
           STRU       specify data transfer structure
           SYST       show operating system type of server system
           TYPE       specify data transfer type
           USER       specify user name
           XCUP       change to parent of current working directory
           XCWD       change working directory (deprecated)
           XMKD       make a directory (deprecated)
           XPWD       print the current working directory (deprecated)
           XRMD       remove a directory (deprecated)

     The following commands are specified by RFC2228.

           AUTH       authentication/security mechanism
           ADAT       authentication/security data
           PROT       data channel protection level
           PBSZ       protection buffer size
           MIC        integrity protected command
           CONF       confidentiality protected command
           ENC        privacy protected command
           CCC        clear command channel

     The following non-standard or UNIX specific commands are supported by the
     SITE request.

           UMASK      change umask, (e.g. SITE UMASK 002)
           IDLE       set idle-timer, (e.g. SITE IDLE 60)
           CHMOD      change mode of a file (e.g. SITE CHMOD 755 filename)
           FIND       quickly find a specific file with GNU locate(1).
           HELP       give help information.

     The following Kerberos related site commands are understood.

           KAUTH      obtain remote tickets.
           KLIST      show remote tickets

     The remaining ftp requests specified in Internet RFC 959 are recognized,
     but not implemented.  MDTM and SIZE are not specified in RFC 959, but
     will appear in the next updated FTP RFC.

     The ftp server will abort an active file transfer only when the ABOR
     command is preceded by a Telnet "Interrupt Process" (IP) signal and a
     Telnet "Synch" signal in the command Telnet stream, as described in
     Internet RFC 959.  If a STAT command is received during a data transfer,
     preceded by a Telnet IP and Synch, transfer status will be returned.

     Ftpd interprets file names according to the ``globbing'' conventions used
     by csh(1).  This allows users to use the metacharacters ``*?[]{}~''.

     Ftpd authenticates users according to these rules.

           1.   If Kerberos authentication is used, the user must pass valid
                tickets and the principal must be allowed to login as the
                remote user.

           2.   The login name must be in the password data base, and not have
                a null password (if Kerberos is used the password field is not
                checked).  In this case a password must be provided by the
                client before any file operations may be performed.  If the
                user has an OTP key, the response from a successful USER
                command will include an OTP challenge. The client may choose
                to respond with a PASS command giving either a standard
                password or an OTP one-time password. The server will
                automatically determine which type of password it has been
                given and attempt to authenticate accordingly. See otp(1) for
                more information on OTP authentication.

           3.   The login name must not appear in the file /etc/ftpusers.

           4.   The user must have a standard shell returned by

           5.   If the user name appears in the file /etc/ftpchroot the
                session's root will be changed to the user's login directory
                by chroot(2) as for an ``anonymous'' or ``ftp'' account (see
                next item).  However, the user must still supply a password.
                This feature is intended as a compromise between a fully
                anonymous account and a fully privileged account.  The account
                should also be set up as for an anonymous account.

           6.   If the user name is ``anonymous'' or ``ftp'', an anonymous ftp
                account must be present in the password file (user ``ftp'').
                In this case the user is allowed to log in by specifying any
                password (by convention an email address for the user should
                be used as the password).

     In the last case, ftpd takes special measures to restrict the client's
     access privileges.  The server performs a chroot(2) to the home directory
     of the ``ftp'' user.  In order that system security is not breached, it
     is recommended that the ``ftp'' subtree be constructed with care,
     consider following these guidelines for anonymous ftp.

     In general all files should be owned by ``root'', and have non-write
     permissions (644 or 755 depending on the kind of file). No files should
     be owned or writable by ``ftp'' (possibly with exception for the
     ~ftp/incoming, as specified below).

           ~ftp      The ``ftp'' homedirectory should be owned by root.

           ~ftp/bin  The directory for external programs (such as ls(1)).
                     These programs must either be statically linked, or you
                     must setup an environment for dynamic linking when
                     running chrooted.  These programs will be used if

                           ls      Used when listing files.

                                   When retrieving a filename that ends in .Z,
                                   and that file isn't present, ftpd will try
                                   to find the filename without .Z and
                                   compress it on the fly.

                           gzip    Same as compress, just with files ending in

                           gtar    Enables retrieval of whole directories as
                                   files ending in .tar.  Can also be combined
                                   with compression. You must use GNU Tar (or
                                   some other that supports the -z and -Z

                           locate  Will enable ``fast find'' with the SITE
                                   FIND command. You must also create a
                                   locatedb file in ~ftp/etc.

           ~ftp/etc  If you put copies of the passwd(5) and group(5) files
                     here, ls will be able to produce owner names rather than
                     numbers. Remember to remove any passwords from these

                     The file motd, if present, will be printed after a
                     successful login.

           ~ftp/dev  Put a copy of /dev/null(7) here.

           ~ftp/pub  Traditional place to put whatever you want to make

     If you want guests to be able to upload files, create a ~ftp/incoming
     directory owned by ``root'', and group ``ftp'' with mode 730 (make sure
     ``ftp'' is member of group ``ftp'').  The following restrictions apply to
     anonymous users:

     +o   Directories created will have mode 700.

     +o   Uploaded files will be created with an umask of 777, if not changed
         with the -g option.

     +o   These command are not accessible: DELE, RMD, RNTO, RNFR, SITE UMASK,
         and SITE CHMOD.

     +o   Filenames must start with an alpha-numeric character, and consist of
         alpha-numeric characters or any of the following: + (plus), -
         (minus), = (equal), _ (underscore), . (period), and , (comma).


     /etc/ftpusers    Access list for users.
     /etc/ftpchroot   List of normal users who should be chroot'd.
     /etc/ftpwelcome  Welcome notice.
     /etc/motd        Welcome notice after login.
     /etc/nologin     Displayed and access refused.
     ~/.klogin        Login access for Kerberos.


     ftp(1), otp(1), getusershell(3), ftpusers(5), syslogd(8)


     RFC 1938  OTP Specification
     RFC 2228  FTP Security Extensions.


     The server must run as the super-user to create sockets with privileged
     port numbers.  It maintains an effective user id of the logged in user,
     reverting to the super-user only when binding addresses to sockets.  The
     possible security holes have been extensively scrutinized, but are
     possibly incomplete.


     The ftpd command appeared in 4.2BSD.