LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Server (https://www.linuxquestions.org/questions/linux-server-73/)
-   -   FTP server that accepts any username and password (https://www.linuxquestions.org/questions/linux-server-73/ftp-server-that-accepts-any-username-and-password-710792/)

Gethyn 03-11-2009 11:37 AM
FTP server that accepts any username and password
 
Hi everyone,

Sorry if this has been answered before, I've been looking around but not managing to come up with anything.

I have a bit of a weird situation. I'm doing some work on a mainframe system via VPN from an Ubuntu desktop. Occasionally it is necessary to export data from the mainframe to work on locally. This works through a bit of a kludge: so far as I can tell, the mainframe makes an FTP connection to the client computer, giving the username of the current (mainframe) user and password PASS.

In Windows there is a client program that allows the user to start a mini FTP server that receives the data. However, I haven't been able to find the same thing for Linux. Since it's just standard FTP protocol, I figured it should be possible to set up a server in Linux and configure it to accept the connections, as I've set up more standard FTP servers before.

However, I hit some snags. Using local users isn't possible because I can't create them with passwords of less than 6 characters. Using virtual/guest users seems to be very complicated, I had a go at that but got stuck (with vsftpd) on creating a PAM auth file. I'd really prefer something much simpler. I'm thinking along the lines of an FTP server that accepts connections given *any* username and password. I know that's extremely bad security practice, but it will be running on a secure office network over VPN, and I plan to keep it stopped by default and only start it when I need to transfer some data.

Does anyone have suggestions as to how I might do this? All the information I've been able to find is either for very basic anonymous FTP servers, or massively complicated (and properly secured) virtual user type setups.

Thanks in advance!

TB0ne 03-11-2009 01:11 PM
Quote:
Originally Posted by Gethyn (Post 3472015)
Hi everyone,

Sorry if this has been answered before, I've been looking around but not managing to come up with anything.

I have a bit of a weird situation. I'm doing some work on a mainframe system via VPN from an Ubuntu desktop. Occasionally it is necessary to export data from the mainframe to work on locally. This works through a bit of a kludge: so far as I can tell, the mainframe makes an FTP connection to the client computer, giving the username of the current (mainframe) user and password PASS.

In Windows there is a client program that allows the user to start a mini FTP server that receives the data. However, I haven't been able to find the same thing for Linux. Since it's just standard FTP protocol, I figured it should be possible to set up a server in Linux and configure it to accept the connections, as I've set up more standard FTP servers before.

However, I hit some snags. Using local users isn't possible because I can't create them with passwords of less than 6 characters. Using virtual/guest users seems to be very complicated, I had a go at that but got stuck (with vsftpd) on creating a PAM auth file. I'd really prefer something much simpler. I'm thinking along the lines of an FTP server that accepts connections given *any* username and password. I know that's extremely bad security practice, but it will be running on a secure office network over VPN, and I plan to keep it stopped by default and only start it when I need to transfer some data.

Does anyone have suggestions as to how I might do this? All the information I've been able to find is either for very basic anonymous FTP servers, or massively complicated (and properly secured) virtual user type setups.

Thanks in advance!
Try turning on anonymous users. The user ID will be "anonymous", and password will be whatever. That may help some...

Gethyn 03-11-2009 03:16 PM
Thanks, unfortunately that doesn't get round the problem. Vsftpd (for example) is configured for anonymous access out of the box on Ubuntu, but the mainframe doesn't want to access anonymously, it insists on sending a username! What the people who designed the system were thinking I don't know.

I have managed to find a way round the problem, which is not optimal in a number of ways, but I thought it might be of interest to some so I'll explain what I did. The key was using a Java based ftp server called CrossFTP server. It has a pretty straightforward GUI configuration system, that allows virtual users with silly passwords like "PASS". The complication with it is that to get it to bind to port 21 it has to be run as root, but it's designed to be run through Java web start, which should be run as a regular user.

I really, really don't suggest anyone does this for a site on an untrusted network or for a proper FTP site, but I launched it as root using the command
Code:
user@local:~$ sudo javaws http://www.crossftp.com/crossftpserver.jnlp
Once it was launched it was simple to add in the FTP users the mainframe wanted to use, complete with weak passwords, and give them write access to a directory created just for receiving this data.

This doesn't answer the original question, but it enabled me to get things working. Of course, it requires root access on the local machine, and requires Java to be installed (I used the Ubuntu standard release of Sun Java 6, haven't tested any others), but I can live with that. Hope it helps other people!


All times are GMT -5. The time now is 08:24 AM.