Anonymous FTP is mentioned throughout this book as a technique for retrieving publicly available files and programs from the many FTP servers around the Internet. Anonymous FTP is simply an ftp session in which you log into the remote server using the username anonymous and, by convention, your email address as the password.  The anonymous FTP example below should make this simple process clear:
% ftp ftp.ncsa.edu Connected to ftp.ncsa.uiuc.edu. 220 FTP server Wed May 21 1997 ready. Name (ftp.ncsa.edu:kathy): anonymous 331 Guest login ok, use email address as password. Password: ftp> cd /Web/Mosaic/Unix/binaries/2.6 250 CWD command successful. ftp> binary 200 Type set to I. ftp> get Mosaic-hp-2.6.Z Mosaic.Z 200 PORT command successful. 150 Opening BINARY mode data connection for Mosaic-hp-2.6.Z. 226 Transfer complete. local: Mosaic.Z remote: Mosaic-hp-2.6.Z 809343 bytes received in 3.5 seconds (2.3e+02 Kbytes/s) ftp> quit 221 Goodbye.
In this example, the user logs into the server ftp.ncsa.edu using the username anonymous and the password firstname.lastname@example.org , which is her email address. With anonymous FTP, she can log in even though she doesn't have an account on ftp.ncsa.edu . Of course what she can do is restricted, but she can retrieve certain files from the system, and that's just what she does. She changes to the /Web/Mosaic/Unix/binaries/2.6 directory and gets the compressed file Mosaic-hp-2.6.Z . The file is retrieved in binary mode.
Using the anonymous FTP service offered by a remote server is very simple. However, setting up an anonymous FTP service on your own system is a little more complicated. Here are the steps to set up an anonymous FTP server:
The following examples show each of these steps. First, create the ftp home directory and the required subdirectories. In our example, we create the ftp directory under the /usr directory.
Then copy ls to /usr/ftp/bin , and set the correct permissions.
Create a group that will be used only by anonymous FTP, a group that has no other members. In our example we create a group called anonymous . An entry for this new group is added to the /etc/group file, and a file named /usr/ftp/etc/group is created that contains only this single entry.
Create a user named ftp by placing an entry for that user in the file /etc/passwd . Also create a file named /usr/ftp/etc/passwd that contains only the ftp entry. Here's the entry we used in both files:
These examples use a GID of 15 and a UID of 15. These are only examples; pick a UID and GID that aren't used for anything else on your system.
A cat of the newly created /usr/ftp/etc/passwd and /usr/ftp/etc/group files shows the following:
After the edits are complete, set both files to mode 444:
Set the correct ownership and mode for each of the directories. The ownership of /usr/ftp/pub , /usr/ftp/bin , and /usr/ftp/etc do not need to be changed because the directories were created by root .
If you must allow users to write their own files in the pub directory, make the following changes: 
For most UNIX systems, the installation is complete. But if you have a Sun OS 4.x system, a few more steps are necessary. The dynamic linking used by Sun OS requires that the ftp home directory contains:
These Sun-specific steps are shown in the following examples. First, create the directory /usr/ftp/usr/lib , then copy the files ld.so and libc.so.* into the new directory, and set the file permissions:
Next, create the ftp/dev directory, and run mknod to create dev/zero :
Now you can copy the files you wish to make publicly available into /usr/ftp/pub . To prevent these files from being overwritten by remote users, set the mode to 644 and make sure the files are not owned by user ftp .
Once you complete the configuration steps necessary for your system, test it thoroughly before announcing the service. Make sure that your server provides the anonymous FTP service you want, without providing additional "services" that you don't want (such as allowing anonymous users access to files outside of the ftp home directory). Anonymous FTP is a potential security risk. If you offer this service at all, limit the number of systems at your site that provide it (one is usually enough), and take care to ensure that the installation is done properly.