Jump to content United States-English
HP.com Home Products and Services Support and Drivers Solutions How to Buy
» Contact HP
More options
HP.com home
HP-UX Reference > F


HP-UX 11i Version 3: February 2007

Technical documentation

» Feedback
Content starts here

 » Table of Contents

 » Index


ftpd — DARPA Internet File Transfer Protocol server


/usr/lbin/ftpd [-l] [-p] [-v] [-t timeout] [-P] [-T maxtimeout] [-u umask] [-U] [-K] [-B size] [-a|-A] [-L] [-i] [-o] [-m number_of_tries] [-n nice_value] [-q|-Q] [-r rootdir] [-V] [-w|-W] [-X] [-I] [-s|-S] [-c ctrlport] [-C dataport]


ftpd is the DARPA Internet File Transfer Protocol server. It expects to be run by the Internet daemon (see inetd(1M) and inetd.conf(4)). inetd runs ftpd when a service request is received at the port indicated in the ftp service specification in /etc/services (see services(4)).


ftpd recognizes the following options and command-line arguments.


Enables the use of the configuration file /etc/ftpd/ftpaccess. (see ftpaccess(4)).


Disables the use of the configuration file /etc/ftpd/ftpaccess. (see ftpaccess(4)).

-B size

Sets the buffer size of the data socket to size blocks of 1024 bytes. The valid range for size is from 1 to 2097151 (default is 56). Note: A large buffer size will improve the performance of ftpd on fast links, but may cause long connection times on slow links (for example, X.25).

Note: If the buffer size needs to be set to any value other than multiples of 1024 bytes, use "B" immediately after size without any space. The size value will be taken in terms of bytes. For example, to set the buffer size to a value equal to "1500", use -B 1500B.

-c ctrlport

-C dataport

Overrides the control and the data port numbers respectively that is used by the daemon. Normally, the daemon determines the port numbers by looking in /etc/services (see services(4)) for "ftp" and "ftp-data". If there is no /etc/services entry for "ftp-data" and the -C option is not specified, the daemon uses the port just prior to the control connection port. The -c and -C options are both available if running as a standalone daemon. Otherwise, only the -C option can be used.


Logs all the files received by ftpd server to xferlog (see xferlog(5)). This option is overridden by the /etc/ftpd/ftpaccess file. (see ftpaccess(4)).


Enables the use of RFC931 (AUTH/ident) to attempt to determine the username on the client.


Applicable only in a secure environment based on Kerberos V5. Causes access to be denied if network authentication fails. See sis(5).


Causes each FTP session to be logged in the syslog file.


Logs all commands sent to the ftpd server to be logged to the syslog. The -L option is overridden by the /etc/ftpd/ftpaccess file (see ftpaccess(4)). If the -L option is used, commands will be logged to syslog by default.

-m number_of_tries

Specifies the number of tries for a bind() socket call.

-n nice_value

Sets the nice value for an ftpd process. When using this option, make sure that the nice clause in /etc/ftpd/ftpaccess file (see ftpaccess(4)) is not set.


Logs all files transmitted by ftpd to xferlog (see xferlog(5)). It logs outgoing files from the ftpd server. This option is overridden by the /etc/ftpd/ftpaccess file (see ftpaccess(4)).


The default action of ftpd does not allow usage of reserved ports as the originating port on the client's system; that is, the PORT command cannot specify a reserved port. This option allows the client to specify a reserved port. Note, allowing usage of reserved ports can result in the misuse of ftpd. The security ramifications should be understood before the option is turned on.


Enables third party transfer.

-q | -Q

Determines whether the daemon uses the PID files. These files are required by the limit directive to determine the number of current users in each access class. Disabling the use of the PID files disables user limits. The default (-q) specifies to use the PID files. Specify -Q to disable using the PID files. The -Q option can be used when testing the server as a normal user when access permissions prevent the use of the PID files. Large, busy sites which do not wish to impose limits on the number of concurrent users may also consider disabling the PID files.

-r rootdir

Instructs the daemon to chroot (see chroot(2)) to the specified rootdir immediately upon loading. This can improve system security by limiting the files which may be damaged should a break-in occur through the daemon. This option is like anonymous FTP. For this option to work properly additional files may be needed under the specified rootdir, which can vary from system to system.

-s | -S

Runs the daemon in standalone operation mode. The -S option runs the daemon in the background and is useful in startup scripts during system initialization (that is, in rc.local). The -s option leaves the daemon in foreground and is useful when running from init (see init(1M)).

-t timeout

Causes ftpd to timeout inactive sessions after timeout seconds. By default, ftpd terminates an inactive session after 15 minutes. A timeout value of 0 implies that there is no timeout value and ftpd is set to an infinite timeout period. If timeout is set to a value more than maxtimeout (see the -T maxtimeout option), timeout will be set to the maxtimeout value.

-T maxtimeout

A client can also request a different timeout period. The -T option sets to maxtimeout the maximum timeout that client can request, in seconds. By default, the maximum timeout is 2 hours. A maxtimeout value of 0 implies that there is no timeout value and ftpd is set to an infinite timeout period.

-u umask

Change default ftpd umask from 027 to umask.


Disables the use of sendfile() and uses send() for sending data. Use this option if the link cannot handle more than one buffer per packet (for example, Gigabit Ethernet).


The debugging information is written to the syslog file.


Causes the program to display copyright and version information, then terminate.

-w | -W

Determines whether the user logins are to be recorded in the wtmps and btmps files. If the -W option is specified, user logins are not recorded in the wtmps or btmps file. The default (-w) is used to record every login, logout, and bad login attempts.


Specifies that the output created by the -i and -o options is not saved to the xferlog file but saved via syslog so that the output can be collected from several hosts on one central loghost.

ftpd currently supports the following commands (uppercase and lowercase are interpreted as equivalent):




Abort previous command


Specify account (ignored)


Allocate storage (vacuously)


Append to a file


Change to parent of current working directory


Change working directory


Delete a file


Sets the server to listen on a data port and wait for a connection


Use extended address for data connection


Give help information


Give list files in a directory (ls -l)


Use long address for data connection


Sets the server to listen on a data port and wait for a connection


Make a directory


Show last modification time of file


Specify data transfer mode


Give name list of files in directory


Do nothing


Specify password


Prepare for server-to-server transfer


Specify data connection port


Print the current working directory


Terminate session


Restart incomplete transfer


Retrieve a file


Remove a directory


Specify rename-from file name


Specify rename-to file name


Non-standard commands (see next section)


Return size of file


Return status of server


Store a file


Store a file with a unique name


Specify data transfer structure


Show operating system type of server system


Specify data transfer type


Specify user name


Change to parent of current working directory


Change working directory


Make a directory


Print the current working directory


Remove a directory

The following commands are supported when ftpd is operating in a secure environment which is based on Kerberos V5 (see sis(5)).




Authentication/security mechanism


Authentication/security data


Clear command channel


Privacy protected command


Integrity protected command


Data channel protection level (level "C" only)


Protection buffer size (has no effect)

These commands are described in draft 8 of the FTP security extensions.

The following non-standard or HP-UX specific commands are supported by the SITE command:




Change umask (for example, SITE UMASK 002).


Set idle-timer (for example, SITE IDLE 60).


Change mode of a file (for example, SITE CHMOD 755 filename).


Give help information (for example, SITE HELP).


List files newer than a particular date.


Works like SITE NEWER, but gives extra information.


Request for special group access (for example, SITE GROUP foo).


Give special group access password (for example, SITE GPASS bar).


Execute a program (for example, SITE EXEC program params).

For the SITE EXEC command, in order to execute a program it has to be placed in the /etc/ftpd/ftp-exec directory. The program to be executed must be either a binary program file or a valid shell. For example for the following program:

cat /etc/ftpd/ftp-exec/hi.sh #!/usr/bin/sh echo hello

When we give the following SITE EXEC command:

ftp> site exec hi.sh

The output will be as follows:

200-hi.sh 200-hello 200 (end of 'hi.sh')

Note: The security of the system will entirely be dependent on what binaries or shell programs that the administrator has placed in the directory /etc/ftpd/ftp-exec. Making this functionality available to real users who have shell access does not have any major security ramifications, but for anonymous and guest users who do not have shell access, it does.

The remaining FTP requests specified in Internet RFC 959 are recognized, but not implemented. MDTM and SIZE are not specified in RFC 959, but are expected in the next updated FTP RFC.

The FTP server aborts an active file transfer only when the ABOR command is preceded by a Telnet "Interrupt Process" (IP) signal and a Telnet "Synch" signal in the command Telnet stream, as described in Internet RFC 959. If ftpd receives a STAT command during a data transfer, preceded by a Telnet IP and Synch, it returns the status of the transfer.

ftpd interprets file names according to the "globbing" conventions used by csh. This allows users to utilize the metacharacters *, ., [, ], {, }, ~, and ?.

ftpd authenticates users according to three rules:

  • The user name must be in the password data base, /etc/passwd, and not have a null password. The client must provide the correct password for the user before any file operations can be performed.

  • The user name must not appear in the file /etc/ftpd/ftpusers (see ftpusers(4)).

  • The user must have a standard shell returned by getusershell().

Optionally, a system administrator can permit public access or "anonymous FTP." If this has been set up, users can access the anonymous FTP account with the user name anonymous or ftp and any non-null password (by convention, the client host's name). ftpd does a chroot() to the home directory of user ftp, thus limiting anonymous FTP users' access to the system. If the user name is anonymous or ftp, an anonymous FTP account must be present in the password file (user ftp). In this case the user is allowed to log in by specifying any password (by convention this is given as the user's e-mail address).

In order to permit anonymous FTP, there must be an entry in the passwd database for an account named ftp. The password field should be *, the group membership should be guest, and the login shell should be /usr/bin/false. For example (assuming the guest group ID is 10):

ftp:*:500:10:anonymous ftp:/home/ftp:/usr/bin/false

The anonymous FTP directory should be set up as follows:


The home directory of the FTP account should be owned by user root and mode 555 (not writable). Since ftpd does a chroot() to this directory, it must have the following subdirectories and files:


This directory must be owned by root and mode 555 (not writable). The file /sbin/ls should be copied to ~ftp/usr/bin. This is needed to support directory listing by ftpd. The command should be mode 111 (executable only). If the FTP account is on the same file system as /sbin, ~ftp/usr/bin/ls can be hard link, but it may not be a symbolic link, because of the chroot(). The command must be replaced when the system is updated.

Note: The file /usr/bin/ls can also be copied to the directory ~ftp/usr/bin in place of /sbin/ls. However, if this is done, a set of relevant libraries must also be copied under the directory ~ftp/usr/lib. See the HP-UX Remote Access Services Administrator's Guide for details of required libraries. The directory ~ftp/usr/lib must be owned by root and mode 555 (not writable). All the libraries copied under this directory must be mode 555 (not writable).


This directory must be owned by root and mode 555 (not writable). It should contain versions of the files passwd and group. See passwd(4) and group(4). These files must be owned by root and mode 444 (readable only). These files must be present for the LIST command to be able to produce owner names rather than numbers.


This file should contain entries for the ftp user and any other users who own files under the anonymous ftp directory. Such entries should have * for passwords. Group IDs must be listed in the anonymous FTP group file, ~ftp/etc/group. The path names of home directories in ~ftp/etc/passwd must be with respect to the anonymous FTP home directory.


This file should contain the group names associated with any group IDs in file ~ftp/etc/passwd and any group IDs of files in the anonymous FTP subdirectories.

~ftp/pub (optional)

This directory is used by anonymous FTP users to deposit files on the system. It should be owned by user ftp and should be mode 777 (readable and writable by all).

~ftp/dist (optional)

Directories used to make files available to anonymous FTP users should be mode 555 (not writable), and any files to be distributed should be owned by root and mode 444 (readable only) so that they cannot be modified or removed by anonymous FTP users.

Note: The steps that are followed to create an anonymous account are used to create a guest account also.


ftpd replies to FTP commands to ensure synchronization of requests and actions during file transfers, and to indicate the status of ftpd. Every command produces at least one reply, although there may be more than one. A reply consists of a three-digit number, a space, some text, and an end of line. The number is useful for programs; the text is useful for users. The number must conform to this standard, but the text can vary.

The first digit of the message indicates whether the reply is good, bad, or incomplete. Five values exist for the first digit. The values and the interpretations of the values are:


The requested action is being initiated; expect another reply before proceeding with a new command.


The requested action is complete. The server is ready for a new request.


The command has been accepted, but the requested action requires more information.


The command was not accepted, the requested action failed, but the error condition is temporary and the action can be requested again.


The command was not accepted, the requested action failed, and the error condition would most likely occur again if the same command sequence is repeated.

The second digit indicates the functional area that the message addresses. The values of the second digit and the interpretations of these values are:


Syntax. A message with a 0 for the second digit indicates that a syntax error occurred.


Information. A message with a 1 as the second digit indicates that the message is in reply to a request for information.


Connections. A message with a 2 as the second digit indicates that the message is a reply to a request for control and data connection information.


Authentication and accounting. A message with a 3 as the second digit indicates that the message is a reply to a login or accounting procedure.


Not currently specified.


File system. A message with a 5 as the second digit indicates that the text following the number contains information concerning the status of the server file system.

The third digit provides a further clarification of the information supplied by the second digit. Following are several examples of messages. Note that ftpd's replies match the number but not the text.


Restart marker reply. MARK yyyy=mmmm where yyyy is a user process data stream marker, and mmmm is ftpd's equivalent marker


Service ready in nnn minutes


Command okay


System status, or system help reply


Directory status


User logged in, proceed


Requested file action okay, completed


User name okay, need password


Requested file action pending further information


Cannot open data connection


Requested action aborted: local error in processing


Syntax error, command unrecognized or command line too long


Not logged in


Requested action not taken; file unavailable, not found, no access


There are some extensions to the FTP server such that if the user specifies a filename (when using a RETRIEVE command), the following actions will occur:

True FilenameSpecified FilenameAction
filename.ZfilenameDecompress (uncompress) file
  before transmitting
filenamefilename.ZCompress filename
  before transmitting
filenamefilename.tarTar filename
  before transmitting
filenamefilename.tar.ZTar and compress filename
  before transmitting

Also, the FTP server will attempt to check for valid e-mail addresses and notify the user if invalid e-mail addresses are found. For users whose FTP client will hang on "long replies" (that is, multiline responses), using a dash as the first character of the password will disable this "long replies" feature.

Note: Users whose password starts with a dash, have to use an extra dash in the beginning of the password for login to succeed. However, the "long replies" feature will be disabled in this case.

The FTP server can also log all file transmission and reception, keeping the following information for each file transmission that takes place.

  • %.24s %d %s %d %s %c %s %c %c %s %s %d %s 1 2 3 4 5 6 7 8 9 10 11 12 13


    current time in the form DDD MMM dd hh:mm:ss YYYY


    transfer time in seconds


    remote host name


    file size in bytes


    name of file


    transfer type (a>scii, b>inary)


    special action flags (concatenated as needed): C file was compressed U file was uncompressed T file was tar'ed _ no action taken


    file was sent to user (o>utgoing) or received from user (i>ncoming)


    accessed anonymously (r>eal, a>nonymous, g>uest)


    local username or, if guest, ID string given (anonymous FTP password)


    service name ("ftp", other)


    authentication method (bitmask) 0 none 1 RFC931 Authentication


    authenticated user id (if available, "*" otherwise)


The password is sent unencrypted through the socket connection.

Anonymous FTP is inherently dangerous to system security.


Pluggable Authentication Modules (PAM)

PAM is an Open Group standard for user authentication, password modification, and validation of accounts. In particular, pam_authenticate() is invoked to perform all functions related to login. This includes retrieving the password, validating the account, and displaying error messages.

ftpd supports only a single password, unlike the login and passwd commands. ftpd will not work properly if it uses multiple modules in the /etc/pam.conf file.


ftpd was developed by the University of California, Berkeley and the Washington University, St. Louis, Missouri.

Printable version
Privacy statement Using this site means you accept its terms Feedback to webmaster
© 1983-2007 Hewlett-Packard Development Company, L.P.