Securing and Optimizing Linux: RedHat Edition -A Hands on Guide
PrevChapter 32. Linux FTP ServerNext

32.5. Configure the /etc/ftphosts file

The /etc/ftphosts file is used to define whether users are allowed to log in from certain hosts or whether there are denied access.

  1. Create the ftphosts file, touch /etc/ftphosts and add for example in this file the following lines: 
    
          # Example host access file
          #
          # Everything after a '#' is treated as comment,
          # empty lines are ignored
          allow ftpadmin 208.164.186.1 208.164.186.2 208.164.186.4
          deny ftpadmin 208.164.186.5
    In the example below, we allow the user ftpadmin to connect via FTP from the explicitly listed addresses 208.164.186.1 208.164.186.2 208.164.186.4, and deny the specified ftpadmin user to connect from the site 208.164.186.5.

  2. Now, change its default permission to be 600: 
    
          [root@deep ] /# chmod 600 /etc/ftphosts

32.5.1. Configure the /etc/ftpusers file

The /etc/ftpusers/ file specifies those users that are NOT allowed to connect to your FTP server.

  1. Create the ftpusers file, touch /etc/ftpusers and add in this file the following users for security reasons: 
    
            root
            bin
            daemon
            adm
            lp
            sync
            shutdown
            halt
            mail
            news
            uucp
            operator
            games
            nobody

  2. Now, change its default permission to be 600: 
    
            [root@deep ] /# chmod 600 /etc/ftpusers

PrevHomeNext
ConfigurationsUpConfigure the /etc/ftpconversions file