sublogin in anonymous ftp using user command

With  wu-ftpd,  when  anonymous  users  ftp in  and  try a
sublogin with the "user"  command, they get this  message:
Can't change user from guest login.

Is there a way to allow sublogins for anonymous ftp?

Are there any  security  issues by allowing  sublogins  in
anonymous ftp?.
dhanaAsked:
Who is Participating?
 
dotandCommented:
The restriction against sub-login in guest mode is intended. Itherwise I could login to your server as anonymopus and start using the USER command to attempt cracking your system.
Because I'll allrerady be logged and there is no loggin information that is gathered and examined dynamically I'll be set to break your system.

Better that you stick to the old method of letting the users login as usual. If you fear for people grabbing the passwords over the net move to a one time password system or use encrypted connections.

If you will give moire information maybe somebody can tailor a solution to your particular ituation.

HTH,
Dotan
 
0
 
dhanaAuthor Commented:
Edited text of question
0
 
dhanaAuthor Commented:
Expecting the answer?
0
Network Scalability - Handle Complex Environments

Monitor your entire network from a single platform. Free 30 Day Trial Now!

 
squintCommented:
# man ftpaccess

....

     guestgroup <groupname> [<groupname> ...]
          If a REAL user is a member of any of  <groupname>,  the
          session  is  set  up exactly as with anonymous FTP.  In
          other words, a chroot() is done, and  the  user  is  no
          longer  permitted  to issue the USER and PASS commands.
          <groupname> is a valid group from /etc/group (or  wher-
          ever your getgrent() call looks).

....


0
 
HalldorGCommented:
ftp -n machine then you can do user after you get the connection
0
 
dhanaAuthor Commented:
If ftp is invoked with -n option, no other command is executed
in the ftp session. For example,

ftp1:root> ftp -n ftp1
Connected to ftp1.india.hp.com.
220 ftp1.india.hp.com FTP server (Version 1.1.214.2 Tue Nov  3 06:02:05 GMT 1998
) ready.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> pwd
530 Please login with USER and PASS.

In bove example, the only option is, after entering into the ftp seesion, immediately user has to issue the "user" to command to execute any command.

The user has to execute series of command in the ftp session, and then has to issue the "user" command.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.