Activating the FTP Server


The Mac OS X distribution includes an FTP server called lukemftpd , which is a port of the NetBSD FTP server. Because Apple is concerned about the security of your machine, this service is not turned on by default. At this point, you can use FTP only to connect from your Mac OS X machine to other FTP servers. After you've turned on the FTP service, you can FTP directly to your Mac OS X machine.

To activate the FTP server, check the FTP Access box under the Services tab of the Sharing pane, as shown in Figure 12.1.

Figure 12.1. The FTP server is activated in the Sharing pane.


What this does behind the scenes is change the disable line in /etc/xinetd.d/ftp to disable=no and force xinetd to reread its configuration file. If, for whatever reason, you're using inetd rather the default xinetd , uncomment the ftp line and then run killall -HUP inetd to have inetd reread its configuration file.


Remember that when you do this, you're opening a service that will accept user IDs and passwords in clear text over your network connection. If a user with an account on your machine tries to use a normal FTP client to use the FTP service, she'll be prompted for her user ID and password. If she provides them, this information will be visible to anyone watching your network. This is probably not what you want. We'll discuss options to make this information more secure later in this chapter. Specifically, look to the section on setting up an FTP server to provide encrypted access to connections tunneled through SSH, or possibly the option of requiring anonymous, rather than real-user, FTP access. Note that if you use the anonymous option, there's nothing to prevent your users from trying to use their own user IDs and passwords instead of "anonymous," so this is no guarantee that your users will use the service securely!


Mac OS X Maximum Security
Maximum Mac OS X Security
ISBN: 0672323818
EAN: 2147483647
Year: 2003
Pages: 158 © 2008-2017.
If you may any questions please contact us: