Mailinglist Archive: opensuse (2912 mails)

< Previous Next >
Re: [SLE] Can one ftp to one's computer?
  • From: Randall R Schulz <rschulz@xxxxxxxxx>
  • Date: Thu, 24 Feb 2005 10:17:39 -0800
  • Message-id: <200502241017.39585.rschulz@xxxxxxxxx>
Hylton, James,

On Thursday 24 February 2005 07:52, Hylton Conacher (ZR1HPC) wrote:
> Carlos E. R. wrote:
> > The Tuesday 2005-02-22 at 11:41 -0500, James P. Bennett wrote:
> >>When attempting to set up ftp, I tried to check by ftp'ing to my
> >> own workstation. Here's what I found (using pure-ftp), with ftpd
> >> running.
> >
> > ...
> >
> >>220-Local time is now 20:35. Server port: 21.
> >>220-Only anonymous FTP is allowed here
> >
> > ...
> >
> >>Name (172.30.130.130:jbennett): root
> >>230 Anonymous user logged in
> >
> > ------^^^^^^^^
> >
> >>257 "/" is your current location
> >>ftp> cd home
> >>550 Can't change directory to home: No such file or directory
> >>ftp>
> >>
> >>What am I doing wrong?
> >
> > Nothing. You have only allowed the user "anonymous".
>
> I would assume because each file therein is owned by a real user and
> therefore "anonymous" does not have permission to view anything
> therein. I would like to hear from the gurus on the list why this is
> so too.

If the problem were permissions, then it would say so. It says "No such
file or directory."

James' (the OP's) anonymous FTP login is probably running in a chroot
jail. It cannot "see" the file system as ordinary users do.

Another thing to note is that James entered the user name "root", which
suggests to me he was actually trying to log into the FTP server as
root. Not only is this prohibited in the default configuration even
when local user logins are enabled, it is highly inadvisable to allow
it in general, since FTP's authentication transactions take place in
clear text. Stealing passwords is as simple as capturing network
traffic.


Randall Schulz

< Previous Next >