openafs/doc/html/AdminReference/auarf178.htm

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 4//EN">
<HTML><HEAD>
<TITLE>Administration Reference</TITLE>
<!-- Begin Header Records  ========================================== -->
<!-- /tmp/idwt3672/auarf000.scr converted by idb2h R4.2 (359) ID      -->
<!-- Workbench Version (AIX) on 3 Oct 2000 at 16:18:30                -->
<META HTTP-EQUIV="updated" CONTENT="Tue, 03 Oct 2000 16:18:29">
<META HTTP-EQUIV="review" CONTENT="Wed, 03 Oct 2001 16:18:29">
<META HTTP-EQUIV="expires" CONTENT="Thu, 03 Oct 2002 16:18:29">
</HEAD><BODY>
<!-- (C) IBM Corporation 2000. All Rights Reserved    --> 
<BODY bgcolor="ffffff"> 
<!-- End Header Records  ============================================ -->
<A NAME="Top_Of_Page"></A>
<H1>Administration Reference</H1>
<HR><P ALIGN="center"> <A HREF="../index.htm"><IMG SRC="../books.gif" BORDER="0" ALT="[Return to Library]"></A> <A HREF="auarf002.htm#ToC"><IMG SRC="../toc.gif" BORDER="0" ALT="[Contents]"></A> <A HREF="auarf177.htm"><IMG SRC="../prev.gif" BORDER="0" ALT="[Previous Topic]"></A> <A HREF="#Bot_Of_Page"><IMG SRC="../bot.gif" BORDER="0" ALT="[Bottom of Topic]"></A> <A HREF="auarf179.htm"><IMG SRC="../next.gif" BORDER="0" ALT="[Next Topic]"></A> <A HREF="auarf284.htm#HDRINDEX"><IMG SRC="../index.gif" BORDER="0" ALT="[Index]"></A> <P> 
<P>
<H2><A NAME="HDRFTPD" HREF="auarf002.htm#ToC_192">ftpd (AFS version)</A></H2>
<A NAME="IDX5044"></A>
<A NAME="IDX5045"></A>
<A NAME="IDX5046"></A>
<A NAME="IDX5047"></A>
<A NAME="IDX5048"></A>
<P><STRONG>Purpose</STRONG>
<P>Initializes the Internet File Transfer Protocol server
<P><STRONG>Synopsis</STRONG>
<PRE><B>ftpd</B>  [<B>-d</B>]  [<B>-l</B>]  [<B>-t</B> &lt;<VAR>timeout</VAR>>]  [<B>-v</B>]  [<B>-T</B> &lt;<VAR>MaxTimeOut</VAR>>]  [<B>-u</B>]  [<B>-s</B>]
</PRE>
<P><STRONG>Description</STRONG>
<P>The AFS-modified <B>ftpd</B> program functions like the standard UNIX
<B>ftpd</B> program, but also authenticates the issuer of the
<B>ftp</B> command (who is presumably working on a remote machine) with
the Authentication Server in the local cell (the home cell of the machine
where the <B>ftpd</B> process is running, as defined in the local
<B>/usr/vice/etc/ThisCell</B> file). The authentication is based on
the user name and password provided at the <TT>ftp></TT> prompts on the
remote machine. The Cache Manager on the machine running the
<B>ftpd</B> process stores the newly created token, identifying it by
process authentication group (PAG) rather than by the user's UNIX
UID.
<P>The issuer of the <B>ftp</B> command can be working in a foreign cell,
as long as the user name and password provided are valid in the cell where the
<B>ftpd</B> process is running. If the user name under which the
<B>ftp</B> command is issued does not exist in the Authentication Database
for the cell where the <B>ftpd</B> process is running, or the issuer
provides the wrong password, then the <B>ftpd</B> process logs the user
into the local file system of the machine where the <B>ftpd</B> process is
running. The success of this local login depends on the user name
appearing in the local password file and on the user providing the correct
local password. In the case of a local login, AFS server processes
consider the issuer of the <B>ftp</B> command to be the user
<B>anonymous</B>.
<P>In the recommended configuration, the AFS version of the <B>ftpd</B>
process is substituted for the standard version (only one of the versions can
run at a time). The administrator then has two choices:
<UL>
<P><LI>Name the binary for the AFS version something like
<B>ftpd.afs</B>, leaving the standard version as the
<B>ftpd</B> process. Change the <B>inetd.conf</B>
configuration file to refer to the <B>ftpd.afs</B> file rather than
to the standard version.
<P><LI>Rename the binary for the AFS version to the standard name (such as
<B>ftpd</B>) and rename the binary for the standard version to something
like <B>ftpd.orig</B>. No change to the
<B>inetd.conf</B> file is necessary, but it is not as obvious that
the standard version of the <B>ftpd</B> process is no longer in
use.
</UL>
<P><STRONG>Cautions</STRONG>
<P>The AFS distribution does not include an AFS-modified version of this
command for every system type. On system types that use an integrated
authentication system, it is appropriate instead to control the
<B>ftpd</B> daemon's handling of AFS authentication through the
integrated system. For example, on system types that use the Pluggable
Authentication Module (PAM), add an <B>ftpd</B> entry that references the
AFS PAM module to the PAM configuration file. For instructions on
incorporating AFS into a machine's integrated authentication system, see
the <I>IBM AFS Quick Beginnings</I>.
<P>Some system types impose the following requirement. If the issuer of
the <B>ftp</B> command on the remote machine is using a shell other than
<B>/bin/csh</B>, then the <B>/etc/shells</B> file on the local disk of
the machine being accessed (the machine running the <B>ftpd</B> process)
must include an entry for the alternate shell.
<P><STRONG>Options</STRONG>
<DL>
<P><DT><B>-d
</B><DD>Directs debugging information to the system log daemon.
<P><DT><B>-l
</B><DD>Directs each FTP session to be logged to the system log daemon.
<P><DT><B>-t
</B><DD>Specifies a timeout period. By default, the FTP server will timeout
an inactive session after 15 minutes.
<P><DT><B>-v
</B><DD>Same as <B>-d</B>.
<P><DT><B>-T
</B><DD>Specifies a timeout period in seconds. By default, the FTP server
will timeout after 2 hours (7200 seconds).
<P><DT><B>-s
</B><DD>Turns on socket level debugging. Do not use this flag. It is
valid only on an operating system level that AFS does not support.
<P><DT><B>-u
</B><DD>Specifies the default UNIX mode bit file mask to use.
</DL>
<P><STRONG>Privilege Required</STRONG>
<P>See the UNIX manual page for the <B>ftpd</B> process.
<P><STRONG>Related Information</STRONG>
<P>UNIX manual page for <B>ftp</B>
<P>UNIX manual page for <B>ftpd</B>
<P><I>IBM AFS Quick Beginnings</I>
<P>
<HR><P ALIGN="center"> <A HREF="../index.htm"><IMG SRC="../books.gif" BORDER="0" ALT="[Return to Library]"></A> <A HREF="auarf002.htm#ToC"><IMG SRC="../toc.gif" BORDER="0" ALT="[Contents]"></A> <A HREF="auarf177.htm"><IMG SRC="../prev.gif" BORDER="0" ALT="[Previous Topic]"></A> <A HREF="#Top_Of_Page"><IMG SRC="../top.gif" BORDER="0" ALT="[Top of Topic]"></A> <A HREF="auarf179.htm"><IMG SRC="../next.gif" BORDER="0" ALT="[Next Topic]"></A> <A HREF="auarf284.htm#HDRINDEX"><IMG SRC="../index.gif" BORDER="0" ALT="[Index]"></A> <P> 
<!-- Begin Footer Records  ========================================== -->
<P><HR><B> 
<br>&#169; <A HREF="http://www.ibm.com/">IBM Corporation 2000.</A>  All Rights Reserved 
</B> 
<!-- End Footer Records  ============================================ -->
<A NAME="Bot_Of_Page"></A>
</BODY></HTML>
initial-html-documentation-20010606 pull in all documentation from IBM 2001-06-06 20:09:07 +01:00			`<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 4//EN">`
			`<HTML><HEAD>`
			`<TITLE>Administration Reference</TITLE>`
			`<!-- Begin Header Records ========================================== -->`
			`<!-- /tmp/idwt3672/auarf000.scr converted by idb2h R4.2 (359) ID -->`
			`<!-- Workbench Version (AIX) on 3 Oct 2000 at 16:18:30 -->`
			`<META HTTP-EQUIV="updated" CONTENT="Tue, 03 Oct 2000 16:18:29">`
			`<META HTTP-EQUIV="review" CONTENT="Wed, 03 Oct 2001 16:18:29">`
			`<META HTTP-EQUIV="expires" CONTENT="Thu, 03 Oct 2002 16:18:29">`
			`</HEAD><BODY>`
			`<!-- (C) IBM Corporation 2000. All Rights Reserved -->`
			`<BODY bgcolor="ffffff">`
			`<!-- End Header Records ============================================ -->`
			`<A NAME="Top_Of_Page"></A>`
			`<H1>Administration Reference</H1>`
			<HR><P ALIGN="center"> <A HREF="../index.htm"><IMG SRC="../books.gif" BORDER="0" ALT="[Return to Library]"></A> <A HREF="auarf002.htm#ToC"><IMG SRC="../toc.gif" BORDER="0" ALT="[Contents]"></A> <A HREF="auarf177.htm"><IMG SRC="../prev.gif" BORDER="0" ALT="[Previous Topic]"></A> <A HREF="#Bot_Of_Page"><IMG SRC="../bot.gif" BORDER="0" ALT="[Bottom of Topic]"></A> <A HREF="auarf179.htm"><IMG SRC="../next.gif" BORDER="0" ALT="[Next Topic]"></A> <A HREF="auarf284.htm#HDRINDEX"><IMG SRC="../index.gif" BORDER="0" ALT="[Index]"></A> <P>
			`<P>`
			`<H2><A NAME="HDRFTPD" HREF="auarf002.htm#ToC_192">ftpd (AFS version)</A></H2>`
			`<A NAME="IDX5044"></A>`
			`<A NAME="IDX5045"></A>`
			`<A NAME="IDX5046"></A>`
			`<A NAME="IDX5047"></A>`
			`<A NAME="IDX5048"></A>`
			`<P><STRONG>Purpose</STRONG>`
			`<P>Initializes the Internet File Transfer Protocol server`
			`<P><STRONG>Synopsis</STRONG>`
			`<PRE><B>ftpd</B> [<B>-d</B>] [<B>-l</B>] [<B>-t</B> <<VAR>timeout</VAR>>] [<B>-v</B>] [<B>-T</B> <<VAR>MaxTimeOut</VAR>>] [<B>-u</B>] [<B>-s</B>]`
			`</PRE>`
			`<P><STRONG>Description</STRONG>`
			`<P>The AFS-modified <B>ftpd</B> program functions like the standard UNIX`
			`<B>ftpd</B> program, but also authenticates the issuer of the`
			`<B>ftp</B> command (who is presumably working on a remote machine) with`
			`the Authentication Server in the local cell (the home cell of the machine`
			`where the <B>ftpd</B> process is running, as defined in the local`
			`<B>/usr/vice/etc/ThisCell</B> file). The authentication is based on`
			`the user name and password provided at the <TT>ftp></TT> prompts on the`
			`remote machine. The Cache Manager on the machine running the`
			`<B>ftpd</B> process stores the newly created token, identifying it by`
			`process authentication group (PAG) rather than by the user's UNIX`
			`UID.`
			`<P>The issuer of the <B>ftp</B> command can be working in a foreign cell,`
			`as long as the user name and password provided are valid in the cell where the`
			`<B>ftpd</B> process is running. If the user name under which the`
			`<B>ftp</B> command is issued does not exist in the Authentication Database`
			`for the cell where the <B>ftpd</B> process is running, or the issuer`
			`provides the wrong password, then the <B>ftpd</B> process logs the user`
			`into the local file system of the machine where the <B>ftpd</B> process is`
			`running. The success of this local login depends on the user name`
			`appearing in the local password file and on the user providing the correct`
			`local password. In the case of a local login, AFS server processes`
			`consider the issuer of the <B>ftp</B> command to be the user`
			`<B>anonymous</B>.`
			`<P>In the recommended configuration, the AFS version of the <B>ftpd</B>`
			`process is substituted for the standard version (only one of the versions can`
			`run at a time). The administrator then has two choices:`
			`<UL>`
			`<P><LI>Name the binary for the AFS version something like`
			`<B>ftpd.afs</B>, leaving the standard version as the`
			`<B>ftpd</B> process. Change the <B>inetd.conf</B>`
			`configuration file to refer to the <B>ftpd.afs</B> file rather than`
			`to the standard version.`
			`<P><LI>Rename the binary for the AFS version to the standard name (such as`
			`<B>ftpd</B>) and rename the binary for the standard version to something`
			`like <B>ftpd.orig</B>. No change to the`
			`<B>inetd.conf</B> file is necessary, but it is not as obvious that`
			`the standard version of the <B>ftpd</B> process is no longer in`
			`use.`
			`</UL>`
			`<P><STRONG>Cautions</STRONG>`
			`<P>The AFS distribution does not include an AFS-modified version of this`
			`command for every system type. On system types that use an integrated`
			`authentication system, it is appropriate instead to control the`
			`<B>ftpd</B> daemon's handling of AFS authentication through the`
			`integrated system. For example, on system types that use the Pluggable`
			`Authentication Module (PAM), add an <B>ftpd</B> entry that references the`
			`AFS PAM module to the PAM configuration file. For instructions on`
			`incorporating AFS into a machine's integrated authentication system, see`
			`the <I>IBM AFS Quick Beginnings</I>.`
			`<P>Some system types impose the following requirement. If the issuer of`
			`the <B>ftp</B> command on the remote machine is using a shell other than`
			`<B>/bin/csh</B>, then the <B>/etc/shells</B> file on the local disk of`
			`the machine being accessed (the machine running the <B>ftpd</B> process)`
			`must include an entry for the alternate shell.`
			`<P><STRONG>Options</STRONG>`
			`<DL>`
			`<P><DT><B>-d`
			`</B><DD>Directs debugging information to the system log daemon.`
			`<P><DT><B>-l`
			`</B><DD>Directs each FTP session to be logged to the system log daemon.`
			`<P><DT><B>-t`
			`</B><DD>Specifies a timeout period. By default, the FTP server will timeout`
			`an inactive session after 15 minutes.`
			`<P><DT><B>-v`
			`</B><DD>Same as <B>-d</B>.`
			`<P><DT><B>-T`
			`</B><DD>Specifies a timeout period in seconds. By default, the FTP server`
			`will timeout after 2 hours (7200 seconds).`
			`<P><DT><B>-s`
			`</B><DD>Turns on socket level debugging. Do not use this flag. It is`
			`valid only on an operating system level that AFS does not support.`
			`<P><DT><B>-u`
			`</B><DD>Specifies the default UNIX mode bit file mask to use.`
			`</DL>`
			`<P><STRONG>Privilege Required</STRONG>`
			`<P>See the UNIX manual page for the <B>ftpd</B> process.`
			`<P><STRONG>Related Information</STRONG>`
			`<P>UNIX manual page for <B>ftp</B>`
			`<P>UNIX manual page for <B>ftpd</B>`
			`<P><I>IBM AFS Quick Beginnings</I>`
			`<P>`
			<HR><P ALIGN="center"> <A HREF="../index.htm"><IMG SRC="../books.gif" BORDER="0" ALT="[Return to Library]"></A> <A HREF="auarf002.htm#ToC"><IMG SRC="../toc.gif" BORDER="0" ALT="[Contents]"></A> <A HREF="auarf177.htm"><IMG SRC="../prev.gif" BORDER="0" ALT="[Previous Topic]"></A> <A HREF="#Top_Of_Page"><IMG SRC="../top.gif" BORDER="0" ALT="[Top of Topic]"></A> <A HREF="auarf179.htm"><IMG SRC="../next.gif" BORDER="0" ALT="[Next Topic]"></A> <A HREF="auarf284.htm#HDRINDEX"><IMG SRC="../index.gif" BORDER="0" ALT="[Index]"></A> <P>
			`<!-- Begin Footer Records ========================================== -->`
			`<P><HR><B>`
			`<br>© <A HREF="http://www.ibm.com/">IBM Corporation 2000.</A> All Rights Reserved`
			`</B>`
			`<!-- End Footer Records ============================================ -->`
			`<A NAME="Bot_Of_Page"></A>`
			`</BODY></HTML>`