Jump to content United States-English
HP.com Home Products and Services Support and Drivers Solutions How to Buy
» Contact HP
More options
HP.com home
HP-UX System Administrator's Guide: Routine Management Tasks: HP-UX 11i Version 3 > Chapter 3 Managing Systems

Managing FTP


Technical documentation

Complete book in PDF
» Feedback
Content starts here

 » Table of Contents

 » Index

There are five files used to hold FTP configuration information. These files are listed in Table 3-1. The /etc/ftpd/ftpaccess configuration file is the primary configuration file for defining how the ftpd daemon operates. It is not necessary to enable the ftpaccess file in order to run ftpd.

The configuration files allow you to configure FTP features, such as the number of FTP login tries permitted, FTP banner displays, logging of incoming and outgoing file transfers, access permissions, use of regular expressions, etc. For complete details on these files, see the ftpaccess(4), ftpgroups(4), ftpusers(4), ftphosts(4), and ftpconversion(4) manpages.

If the ftpaccess file is enabled:

  • Settings in the ftpaccess file override any similar settings in the other files.

  • Any settings in the other files that are not present in ftpaccess are treated as supplemental or additional configuration information.

If the ftpaccess file is disabled:

  • The settings in the ftpusers, ftphosts, and ftpconversion files will be used.

  • The ftpgroupsfile will not be used.

Enabling/Disabling the /etc/ftpd/ftpaccess Configuration File

  • To enable the /etc/ftpd/ftpaccess file, specify the -a option for the ftp entry in the /etc/inetd.conf file. For example,

    ftp stream tcp nowait root /usr/lbin/ftpd ftpd -a -l -d

    (The -l option logs all commands sent to the ftpd server into syslog. The -d option logs debugging information into syslog.)

  • To disable the /etc/ftpd/ftpaccess file, specify the -A option for the ftp entry in the /etc/inetd.conf file. For example,

    ftp stream tcp nowait root /usr/lbin/ftpd ftpd -A -L -d

The FTP configuration files enable you to define how ftp works, as described in the following table.

Table 3-1 FTP Configuration Files

/etc/ftpd/ftpaccessThe primary configuration file defining the operation of the ftpd daemon. For more information see ftpaccess(4).
/etc/ftpd/ftpconversionsDefines options for compression/decompression and tar/untar operations. For more information see ftpconversions(4).
/etc/ftpd/ftphostsLets you allow/deny FTP account access according to source IP addresses and host names. For more information see ftphosts(4).


Restricts FTP access for specified users. For more information see ftpusers(4).

/etc/ftpd/ftpgroupsThe group password file for use with the SITE GROUP and SITE GPASS commands. For more information see ftpgroups(4).


Verifying the Path Names of FTP Configuration Files

To verify the path names of all FTP configuration files, enter:


For more information see the ckconfig(1) manpage.

Getting Information about FTP Users

To display the current number of users for each class and the limit for each class of users as defined in the /etc/ftpd/ftpaccess file, enter:


To display the current process information for each user logged into the FTP server, enter:


See the ftpcount(1) and ftpwho(1) manpages for more information

Creating an FTP Shutdown Message

The ftpshut command allows you to create a shutdown message file that warns users before FTP shuts down. The FTP daemon checks this file at intervals to determine the shutdown time. (You must be superuser to execute ftpshut.)

After the shutdown has occurred, you must enter the ftprestart command to remove all the shutdown message files from the real, anonymous, and virtual user accounts. These message files are created by the ftpshut utility.

For details on creating a FTP shutdown message, see the ftpshut(1) and the ftprestart(1) manpages and also Chapter 2 of the Installing and Administering Internet Services manual.

Logging FTP Session Information

You can specify FTP session logging using the log commands keyword in the /etc/ftpd/ftpaccess file.

log commands

Enables/disables logging of an FTP session to syslog, including commands, logins, login failures, and anonymous FTP activity. (This entry overrides the -L option specified for the ftp entry in /etc/inetd.conf.)

NOTE: To enable the /etc/ftpd/ftpaccess file, you must specify the -a option in the ftp entry of the /etc/inetd.conffile.

For details on the log commands keyword, see the ftpaccess(4) manpage.

Logging FTP File Transfers

You can log file transfer information from the FTP server daemon to the /var/adm/syslog/xferlog log file. The xferlog file records file transfer information such as current time, file transfer time, remote host, file name, file size, whether the file transfer was in ASCII or binary format.

Configuring Logging in the /etc/ftpd/ftpaccess File

To log incoming and outgoing FTP file transfers edit the /etc/ftpd/ftpaccess file, using the log transfers keyword.

log transfers

Enables/disables logging of file transfers for real or anonymous FTP users to/var/adm/syslog/xferlog. Logging of transfers to the server (incoming) can be enabled separately from transfers from the server (outgoing).

NOTE: To enable the /etc/ftpd/ftpaccess file you must specify the -a option in the ftp entry of the /etc/inetd.conffile.

For more information, see the ftpaccess(4) manpage and the xferlog(5) manpage.

Setting Up Virtual FTP Support

Virtual FTP support allows you to manage an FTP server for two or more separate domains on the same machine.

Using virtual FTP, you can configure systems so that user1 connecting via ftp to ftp.domain1.com gets one FTP banner and FTP directory, while user2 connecting via ftp to ftp.domain2.com gets another banner and directory. You can create a different set of configuration files ftpaccess, ftpconversions, ftphosts, ftpusers, and ftpgroups for each virtual FTP site. (This occurs even though the users are on the same machine and are using the same ports.

For detailed information on setting up virtual FTP support, see Chapter 2 of the Installing and Administering Internet Services manual.

NOTE: Setting up a virtual FTP server requires IP address aliasing.
Printable version
Privacy statement Using this site means you accept its terms Feedback to webmaster
© 2008 Hewlett-Packard Development Company, L.P.