This is the mail archive of the cygwin@cygwin.com mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: Anonymous ftp on 1.3.9


Pavel Tsekov wrote:

> AD> Funny my experience is the opposite. I turned on the Guest account then 
> AD> edited my /etc/passwd to change "Guest" to "ftp" in the username field 
> AD> only and set the home directory to point to my FTP area. At this point
> AD> "Guest" does not have a password. Anonymous ftp works but then again so 
> AD> does a telnet as user ftp without a password! Funny thing is that 
> AD> anonymous ftp does not show the contents of my FTP area while telneting
> AD> in as ftp does!
> 
> Guest is some kind of special beast - try with a freshly created user
> which has no password. Try to login via ftp using this account -
> you'll see (maybe) what I mean.
> 
> AD> Now if I put a password on the Guest account then telneting in as ftp
> AD> requires that password. But now anonymous ftping doesn't!
> 
> ftpd knows anonymous is guest and passes to the API LogonUser an empty
> password... Still I dont know what happens when you telnet - I've
> played just with ftpd.
> 
> AD> Any ideas? I want to set up anonymous ftp but I don't want to leave
> AD> myself wide open to do so.
> 
> Well its written in the README - you have to use account with an empty
> pass :) Can't help...

Well I got it up and running. Here's what I had to do. Perhaps this should be included
in some sort of FAQ:

1) Changed username Guest -> ftp in /etc/passwd.
2) Changed ftp's home directory to point to my ftp area.
3) Turned on Guest account.
4) Made sure Guest's password was unset.
5) Set ftp's shell to /bin/false. This insures that telnet ftp <nopassword> is not
a security problem.

Regarding setup of anonymous ftp area:

According to ftpd(1) it says to make ~ftp owned by "root" and unwriteable by anyone.
I set it to 555 and owned by SYSTEM.

~ftp/bin: The man page says this must be owned by "root" and unwriteable by anyone so
again I set it to 555 and owned by system. The man page says put a copy of ls.exe in
~ftp/bin and make it 111. This doesn't work for 2 reasons. First you also need a copy
of cygwin1.dll in ~ftp/bin. Secondly if it's set to 111 the ls does nothing! So I changed
it to 555. I also set cygwin1.dll to 555 and make both of these owned by SYSTEM.

~ftp/etc: The man page says the directory should be owned by root and unwriteable by
anyone. Again I set it to 555 and owned by SYSTEM. I put a copy of passwd and group
in there to as well as a customized motd and set them to 444 and owned by SYSTEM.

~ftp/pub: I didn't create this.

Also, you need to remove ftp and anonymous from /etc/ftpusers.

The only problem remaining is that if I browse to my ftp area with Netscape 6.x using
ftp://<Home PC IP Address> I get a blank page. If I go to ftp://<Home PC IP Address>/subdir
then it displays the contents properly. If I go to ftp://<Home PC IP Address> in IE 6
it switches from IE to Explorer and displays things properly. Strange...




--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Bug reporting:         http://cygwin.com/bugs.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]