PAM_FTP

Section: Linux\-PAM Manual (8)
Updated: 06/16/2009
Index Return to Main Contents

pam_ftp - PAM module for anonymous access module

Synopsis

pam_ftp.so [debug] [ignore] [users=XXX,YYY,...]

DESCRIPTION

pam_ftp is a PAM module which provides a pluggable anonymous ftp mode of access.

This module intercepts the user's name and password. If the name is ftp or anonymous, the user's password is broken up at the @ delimiter into a PAM_RUSER and a PAM_RHOST part; these pam-items being set accordingly. The username (PAM_USER) is set to ftp. In this case the module succeeds. Alternatively, the module sets the PAM_AUTHTOK item with the entered password and fails.

This module is not safe and easily spoofable.

OPTIONS

debug

: Print debug information.

ignore

: Pay no attention to the email address of the user (if supplied).

ftp=XXX,YYY,...

: Instead of ftp or anonymous, provide anonymous login to the comma separated list of users: XXX,YYY,.... Should the applicant enter one of these usernames the returned username is set to the first in the list: XXX.

MODULE TYPES PROVIDED

Only the auth module type is provided.

RETURN VALUES

PAM_SUCCESS

: The authentication was successful.

PAM_USER_UNKNOWN

: User not known.

EXAMPLES

Add the following line to FC/etc/pam.d/ftpdF[] to handle ftp style anonymous login:



#
# ftpd; add ftp-specifics. These lines enable anonymous ftp over
#       standard UN*X access (the listfile entry blocks access to
#       users listed in /etc/ftpusers)
#
auth    sufficient  pam_ftp.so
auth    required    pam_unix.so use_first_pass
auth    required    pam_listfile.so \
           onerr=succeed item=user sense=deny file=/etc/ftpusers

AUTHOR

pam_ftp was written by Andrew G. Morgan <morgan@kernel.org>.

This document was created by man2html, using the manual pages.
Time: 05:34:28 GMT, December 24, 2015