Securing-Optimizing-RH-Linux-1_2_443
Comments and suggestions concerning this book should be mailed to gmourani@videotron.ca
© Copyright 1999-2000 Gerhard Mourani and Open Network Architecture ®
443
Configuration of the /etc/ftpusers file
The /etc/ftpusers file specifies those users that are NOT allowed to connect to your FTP server.
Step 1
Create the ftpusers file (touch /etc/ftpusers) and add in this file the following users for security
reasons:
root
bin
daemon
adm
lp
sync
shutdown
halt
mail
news
uucp
operator
games
nobody
Step 2
Now, change its default permission to be 600:
[root@deep /]# chmod 600 /etc/ftpusers
Configuration of the /etc/ftpconversions file
The /etc/ftpconversions file contain instruction that permit to compress files on demand before
the transfer.
Step 1
Edit the ftpconversions file (vi /etc/ftpconversions) and add in this file the following lines:
:.Z: : :/bin/compress -d -c %s:T_REG|T_ASCII:O_UNCOMPRESS:UNCOMPRESS
: : :.Z:/bin/compress -c %s:T_REG:O_COMPRESS:COMPRESS
:.gz: : :/bin/gzip -cd %s:T_REG|T_ASCII:O_UNCOMPRESS:GUNZIP
: : :.gz:/bin/gzip -9 -c %s:T_REG:O_COMPRESS:GZIP
: : :.tar:/bin/tar -c -f - %s:T_REG|T_DIR:O_TAR:TAR
: : :.tar.Z:/bin/tar -c -Z -f - %s:T_REG|T_DIR:O_COMPRESS|O_TAR:TAR+COMPRESS
: : :.tar.gz:/bin/tar -c -z -f - %s:T_REG|T_DIR:O_COMPRESS|O_TAR:TAR+GZIP
: : :.crc:/bin/cksum %s:T_REG::CKSUM
: : :.md5:/bin/md5sum %s:T_REG::MD5SUM
Step 2
Now, change its default permission to be 600:
[root@deep /]# chmod 600 /etc/ftpconversions
Configuration of the /etc/pam.d/ftp file
Configure your /etc/pam.d/ftp file to use pam authentication.
Create the ftp file (touch /etc/pam.d/ftp) and add the following lines: