summaryrefslogtreecommitdiff
path: root/modules/pam_ftp/pam_ftp.8
blob: 41b52da013ccb93da6369b71e851e7541318c790 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
.\"     Title: pam_ftp
.\"    Author: 
.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
.\"      Date: 06/02/2006
.\"    Manual: Linux\-PAM Manual
.\"    Source: Linux\-PAM Manual
.\"
.TH "PAM_FTP" "8" "06/02/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
.\" disable hyphenation
.nh
.\" disable justification (adjust text to left margin only)
.ad l
.SH "NAME"
pam_ftp \- PAM module for anonymous access module
.SH "SYNOPSIS"
.HP 11
\fBpam_ftp.so\fR [debug] [ignore] [users=\fIXXX,YYY,\fR...]
.SH "DESCRIPTION"
.PP
pam_ftp is a PAM module which provides a pluggable anonymous ftp mode of access.
.PP
This module intercepts the user's name and password. If the name is
\fIftp\fR
or
\fIanonymous\fR, the user's password is broken up at the
\fI@\fR
delimiter into a
\fIPAM_RUSER\fR
and a
\fIPAM_RHOST\fR
part; these pam\-items being set accordingly. The username (\fIPAM_USER\fR) is set to
\fIftp\fR. In this case the module succeeds. Alternatively, the module sets the
\fIPAM_AUTHTOK\fR
item with the entered password and fails.
.PP
This module is not safe and easily spoofable.
.SH "OPTIONS"
.PP
.TP 3n
\fBdebug\fR
Print debug information.
.TP 3n
\fBignore\fR
Pay no attention to the email address of the user (if supplied).
.TP 3n
\fBftp=\fR\fB\fIXXX,YYY,...\fR\fR
Instead of
\fIftp\fR
or
\fIanonymous\fR, provide anonymous login to the comma separated list of users:
\fB\fIXXX,YYY,...\fR\fR. Should the applicant enter one of these usernames the returned username is set to the first in the list:
\fIXXX\fR.
.SH "MODULE SERVICES PROVIDED"
.PP
Only the
\fBauth\fR
service is supported.
.SH "RETURN VALUES"
.PP
.TP 3n
PAM_SUCCESS
The authentication was successfull.
.TP 3n
PAM_USER_UNKNOWN
User not known.
.SH "EXAMPLES"
.PP
Add the following line to
\fI/etc/pam.d/ftpd\fR
to handle ftp style anonymous login:
.sp
.RS 3n
.nf
#
# ftpd; add ftp\-specifics. These lines enable anonymous ftp over
#       standard UN*X access (the listfile entry blocks access to
#       users listed in /etc/ftpusers)
#
auth    sufficient  pam_ftp.so
auth    required    pam_unix.so use_first_pass
auth    required    pam_listfile.so \\
           onerr=succeed item=user sense=deny file=/etc/ftpusers
      
.fi
.RE
.sp
.SH "SEE ALSO"
.PP

\fBpam.conf\fR(5),
\fBpam.d\fR(8),
\fBpam\fR(8)
.SH "AUTHOR"
.PP
pam_ftp was written by Andrew G. Morgan <morgan@kernel.org>.