Enable FTP access restrictions

Posted on 5:37 PM by Bharathvn

When you first install Linux, it comes with a lot of Internet services running, including mail, telnet, finger and FTP. You really should disable all those that you don't need from /etc/inetd.conf and your startup scripts.

FTP may be very useful, but must be configured correctly. It can allow people to log into their accounts, it can allow anonymous users to login to a public software directory, and it can display nice messages to them.

The files that you will probably want to modify are /etc/ftpusers and /etc/ftpaccess.
The file /etc/ftpusers is very simple. It lists the people that will not be allowed to use FTP to your system. The root account, and other system accounts should be in that file.
The file /etc/ftpaccess is a bit more complex and controls the behaviour of the FTP server. It tells it what to use as README file to display on a directory listing, what kind of logs to create and what messages to
display.

Note that if you create an anonymous FTP area, you will need to read the FTP man page and do exactly what it tells you to avoid possible security risks.