summaryrefslogtreecommitdiff
path: root/modules/pam_ftp/README
diff options
context:
space:
mode:
authorThorsten Kukuk <kukuk@thkukuk.de>2006-06-01 16:33:48 +0000
committerThorsten Kukuk <kukuk@thkukuk.de>2006-06-01 16:33:48 +0000
commitd957aff169f145f9c9c85c23266f1ed22ce8e279 (patch)
tree20cceeb042e7858a35c588290ce0f9cafaf9b8a8 /modules/pam_ftp/README
parent4eb2a80c4074e8495e2dbdac2af9532c0d355ced (diff)
Relevant BUGIDs:
Purpose of commit: new feature Commit summary: --------------- 2006-06-01 Thorsten Kukuk <kukuk@thkukuk.de> * modules/pam_ftp/Makefile.am: Include Make.xml.rules. * modules/pam_ftp/pam_ftp.8.xml: New. * modules/pam_ftp/pam_ftp.8: New, generated from xml file. * modules/pam_ftp/README.xml: New. * modules/pam_ftp/README: Regenerated from xml file.
Diffstat (limited to 'modules/pam_ftp/README')
-rw-r--r--modules/pam_ftp/README60
1 files changed, 47 insertions, 13 deletions
diff --git a/modules/pam_ftp/README b/modules/pam_ftp/README
index 6d03330c..15f4130e 100644
--- a/modules/pam_ftp/README
+++ b/modules/pam_ftp/README
@@ -1,18 +1,52 @@
-This is the README for pam_ftp
-------------------------------
+pam_ftp — PAM module for anonymous access module
-This module is an authentication module that does simple ftp
-authentication.
+━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
-Recognized arguments:
+DESCRIPTION
- "debug" print debug messages
- "users=" comma separated list of users which
- could login only with email adress
- "ignore" allow invalid email adresses
+pam_ftp is a PAM module which provides a pluggable anonymous ftp mode of
+access.
-Options for:
-auth: for authentication it provides pam_authenticate() and
- pam_setcred() hooks.
+This module intercepts the user's name and password. If the name is ftp or
+anonymous, the user's password is broken up at the @ delimiter into a PAM_RUSER
+and a PAM_RHOST part; these pam-items being set accordingly. The username (
+PAM_USER) is set to ftp. In this case the module succeeds. Alternatively, the
+module sets the PAM_AUTHTOK item with the entered password and fails.
+
+This module is not safe and easily spoofable.
+
+OPTIONS
+
+debug
+
+ Print debug information.
+
+ignore
+
+ Pay no attention to the email address of the user (if supplied).
+
+ftp=XXX,YYY,...
+
+ Instead of ftp or anonymous, provide anonymous login to the comma separated
+ list of users: XXX,YYY,.... Should the applicant enter one of these
+ usernames the returned username is set to the first in the list: XXX.
+
+EXAMPLES
+
+Add the following line to /etc/pam.d/ftpd to handle ftp style anonymous login:
+
+#
+# ftpd; add ftp-specifics. These lines enable anonymous ftp over
+# standard UN*X access (the listfile entry blocks access to
+# users listed in /etc/ftpusers)
+#
+auth sufficient pam_ftp.so
+auth required pam_unix.so use_first_pass
+auth required pam_listfile.so \
+ onerr=succeed item=user sense=deny file=/etc/ftpusers
+
+
+AUTHOR
+
+pam_ftp was written by Andrew G. Morgan <morgan@kernel.org>.
-Thorsten Kukuk <kukuk@suse.de>, 17. June 1999