FTP Client Commands
ABOR Terminates previous command.
ACCT Specifies account (ignored).
ALLO Allocates storage (vacuously).
APPE Appends to a file.
CDUP Changes to the parent directory of the current working
directory.
CWD Changes working directory.
DELE Deletes a file.
HELP Gives help information.
LIST Gives list files in a directory (this FTP request is the
same as the ls -lgA command).
MKD Makes a directory.
MDTM Shows last modification time of file.
MODE Specifies data transfer mode.
NLST Gives a name list of files in directory (this FTP request is
the same as the ls command).
NOOP Does nothing.
PASS Specifies a password.
PASV Prepares for server-to-server transfers.
PORT Specifies a data connection port.
PWD Prints the current working directory.
QUIT Terminates session.
RETR Retrieves a file.
RMD Removes a directory.
RNFR Specifies rename-from file name.
RNTO Specifies rename-to file name.
SITE The following nonstandard or UNIX-specific commands are sup-
ported by the SITE request:
UMASK Changes umask (SITE UMASK 002).
IDLE Sets idler time (SITE IDLE 60).
CHMOD Changes mode of a file (SITE CHMOD 755 FileName).
HELP Gives help information (SITE HELP).
SIZE Returns size of current file.
STAT Returns the status of the server.
STOR Stores a file.
STOU Stores a file using a unique file name.
STRU Specifies the structure of data transfer as a file struc-
ture.
SYST Shows operating system type of server system.
TYPE Specifies data transfer type with the Type parameter.
USER Specifies user name.
XCUP Changes the parent directory of the current working directo-
ry (not normally used).
XCWD Changes current directory (not normally used).
XMKD Creates a directory (not normally used).
XPWD Prints the current working directory (not normally used).
XRMD Removes a directory (not normally used).
ftpd Daemon
Purpose
Provides the server function for the Internet FTP protocol.
Syntax
Note: The ftpd daemon is normally started by the inetd daemon.
It can also be controlled from the command line, using SRC com-
mands.
/usr/sbin/ftpd [ -d ] [ -k ] [ -l ] [ -t TimeOut ] [ -T
MaxTimeOut ] [ -s ]
[ -u OctalVal ]
Description
The /usr/sbin/ftpd daemon is the DARPA Internet File Transfer
Protocol (FTP) server process. The ftpd daemon uses the Transmis-
sion Control Protocol (TCP) to listen at the port specified with
the ftp command service specification in the /etc/ services file
and the InetServ object class.
Changes to the ftpd daemon can be made using the System Manage-
ment Interface Tool (SMIT) or System Resource Controller (SRC),
by editing the InetServ object class, or by editing the
/etc/inetd.conf or /etc/services file. Entering ftp at the com-
mand line is not recommended. The ftpd daemon is started by de-
fault when it is uncommented in the /etc/inetd.conf file.
The inetd daemon get its information from the InetServ object
class, stored in Object Data Manager (ODM). This object class is
a combination of the information in the /etc/inetd.conf file and
the /etc/services file. The InetServ object class is created at
install time from information in these two files.
If you change the /etc/inetd.conf or /etc/services file, run the
refresh -s inetd or kill -1 InetdPID command to inform the inetd
daemon of the changes to its configuration files. If you edit
the InetServ object class, using an ODM editor, run the inetexp
command to export the InetServ object class to the /
etc/inetd.conf and
/etc/services files.
The ftpd daemon expands file names according to the conventions
of the csh command. This command allows you to use such meta-
characters as the * (asterisk), the ? (question mark), [ ] (left
and right brackets), { } (left and right braces), and the \~
(tilde).
Before the ftpd daemon can transfer files for a client process,
it must authenticate the client process. The ftpd daemon authen-
ticates client processes according to these rules:
* The user must have a password in the password database,
/etc/security/passwd. (If the user's password is not null, the
client process must provide that password.)
* The user name must not appear in the /etc/ftpusers file.
* If the user name is anonymous or ftp, an anonymous FTP account
must be defined in the password file. In this case, the client
process is allowed to log in using any password.
By convention, the password is the name of the client host. The
ftpd daemon takes special measures to restrict access by the
client process to the anonymous account.
File Transfer Protocol Subtree Guidelines
When handling an anonymous FTP user, the server performs the
chroot command in the home directory of the FTP user account.
For greater security, implement the following rules when you con-
struct the FTP subtree:
\~ftp Make the home directory owned by FTP and unwritable by any-
one else.
\~ftp/bin Make this directory owned by the root user and unwrit-
able by anyone. The ls program must be present in this directory
to support the list command. This program should have mode 111.
\~ftp/etc Make this directory owned by the root user and unwrit-
able by anyone. The passwd and group files must be present in
this directory for the ls command to be able to produce owner
names rather than numbers. The password field in the passwd file
is not used and should not contain real encrypted passwords.
These files should be mode 444.
\~ftp/pub Make this directory mode 777 and owned by FTP. Users
should then place files that are to be accessible through the
anonymous account in this directory.
Note: The shell script /usr/lpp/tcpip/samples/anon.ftp uses the
above rules to set up the anonymous FTP account for you.
The server must run as the root user to create sockets with
privileged port numbers. The server maintains an effective user
ID of the logged-in user, reverting to the root user only when
binding addresses to sockets.
Supported File Transfer Protocol Requests
The ftpd daemon currently supports the following FTP requests:
The remaining FTP requests defined in Internet RFC 959 are recog-
nized, but not implemented. The MDTM and SIZE requests are not
specified by RFC 959, but are scheduled to appear in the next up-
dated FTP RFC.
If a STAT request is received during a data transfer and preceded
by both a Telnet IP signal and SYNCH signal, transfer status is
returned.
The ftpd daemon should be controlled using the System Management
Interface Tool (SMIT) or by changing the /etc/inetd.conf file.
Entering ftpd at the command line is not recommended.
Manipulating the ftpd Daemon with the System Resource Controller
The ftpd daemon is a subserver of the inetd daemon, which is a
subsystem of the System Resource Controller ( SRC). The ftpd
daemon is a member of the tcpip SRC subsystem group. This daemon
is enabled by default in the /etc/inetd.conf file and can be
manipulated by the following SRC commands:
startsrc Starts a subsystem, group of subsystems, or a sub-
server.
stopsrc Stops a subsystem, group of subsystems, or a subserver.
lssrc Gets the status of a subsystem, group of subsystems, or a
subserver.
Flags
-d Sends debugging information about ftpd daemon operations to
the syslogd daemon. If you specify the -d flag, you must edit
the /etc/syslog.conf file and add the following entry:
daemon.debug FileName
Note: The syslogd daemon's debug level includes info level mes-
sages.
If you do not edit the /etc/syslog.conf file, no messages are
produced. After changing the /etc/syslog.conf file, run the re-
fresh -s syslogd command or kill -1 SyslogdPID command
to inform the syslogd daemon of the changes to its configuration
file. For more information about debug levels, refer to the
/etc/syslog.conf file.
-k Sets the SO_KEEPALIVE option defined in the sys/socket.h file
on the data transfer socket to enable the data transfer to time
out in the event TCP/IP hangs. The idle interval time is based
on systemwide values designated by the tcp_keepidle and
tcp_keepintvl options of the no command. Without the flag, ftpd
data transfer will not time out.
-l Sends logging information about ftpd daemon operations to the
syslogd daemon. If you specify the -l flag, you must edit the
/etc/syslog.conf file and add the following entry:
daemon.info FileName
If you do not edit the /etc/syslog.conf file, no messages are
produced. After changing the /etc/syslog.conf file, run the re-
fresh -s syslogd command or kill -1 SyslogdPID command
to inform the syslogd daemon of the changes to its configuration
file. For more information about debug levels, refer to the
/etc/syslog.conf file.
-t TimeOut Logs out inactive sessions after the number of seconds
specified by the TimeOut variable. The default limit is 15
minutes (900 seconds).
-T MaxTimeOut Logs out inactive client sessions after a maximum
number of seconds specified by the MaxTimeOut variable. The de-
fault limit is 2 hours (7200 seconds).
-s Turns on socket-level debugging.
-u OctalVal Sets the ftpd daemon's umask. The OctalVal variable
must be specified as an octal value to define the umask. The de-
fault umask is an octal value of 027, which results in file per-
missions of rw-r-----.
Examples
Note: The arguments for the ftpd daemon can be specified by using
SMIT or by editing the /etc/inetd.conf file.
1. To start the ftpd daemon, enter the following:
startsrc -t ftp
This command starts the ftpd subserver.
2. To stop the ftpd daemon normally, enter the following:
stopsrc -t ftp
This command allows all pending connections to start and existing
connections to complete but prevents new connections from start-
ing.
3. To force stop the ftpd daemon and all ftpd connections, enter
the following:
stopsrc -t -f ftp
This command terminates all pending connections and existing con-
nections immediately.
4. To display a short status report about the ftpd daemon, enter
the following:
lssrc -t ftp
This command returns the daemon's name, process ID, and state
(active or inactive).
Implementation Specifics
This daemon is part of TCP/IP in Network Support Facilities in
Base Operating System (BOS) Runtime.
Files
/etc/locks/ftpd Contains interlock and process ID (PID) storage.
/etc/ group Contains passwords for groups.
/etc/ passwd Contains passwords for users
/etc/ security/passwd Contains encrypted passwords.
/etc/syslog.conf Contains configuration information for the
syslogd daemon.
/usr/lpp/tcpip/samples/anon.ftp Contains the example shell script
with which to set up an anonymous FTP account. This file also
contains directions for its use.
Related Information
The ftp command, inetexp command, inetimp command, inetserv
command, kill command, lssrc command, no command, refresh
command, startsrc command, stopsrc command.
The syslogd daemon, inetd daemon.
The /etc/ftpusers file format, /etc/inetd.conf file format,
/etc/services file format.
TCP/IP Daemons in AIX Version 3.2 System Management Guide: Com-
munications and Networks.