Date: Fri, 9 Aug 1996 17:11:09 +0900 From: hosokawa@mt.cs.keio.ac.jp (HOSOKAWA Tatsumi) To: cmadison@tippy2.vnet.net Cc: current@freebsd.org, hosokawa@mt.cs.keio.ac.jp Subject: Re: ftpd won't allow login Message-ID: <199608090811.RAA24106@frig.mt.cs.keio.ac.jp> In-Reply-To: Your message of Fri, 9 Aug 1996 02:37:51 -0400 (EDT). <Pine.BSI.3.95.960809023209.3874B-100000@tippy2.vnet.net>
next in thread | previous in thread | raw e-mail | index | archive | help
In article <Pine.BSI.3.95.960809023209.3874B-100000@tippy2.vnet.net> cmadison@tippy2.vnet.net writes: >> I had a user tell me that he could not login via ftp, but could >> telnet in just fine. So I tried it with my account....I can telnet >> in fine, but when I ftp in, ftp chokes on the password saying: Allowing 'ftp' user's telnet login can be security hole in some cases. For example, if somebody can put .rhost in your ~ftp directory, the intruders can login your machine without password authentication. It can't be a security hole when the host is configured carefully, but it turns to be security hole when the host is carelessly misconfugred. Were not for special reasons, I don't recommend you to allow ftp user's login. -- HOSOKAWA, Tatsumi E-mail: hosokawa@mt.cs.keio.ac.jp WWW homepage: http://www.mt.cs.keio.ac.jp/person/hosokawa.html Department of Computer Science, Keio University, Yokohama, Japan
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199608090811.RAA24106>