Problems with FTP and null passwords
Jeff Beadles
jeff at onion.pdx.com
Wed Aug 1 02:37:18 AEST 1990
In article <EMV.90Jul26234412 at urania.math.lsa.umich.edu> emv at math.lsa.umich.edu (Edward Vielmetti) writes:
:>In article <1364 at necis.UUCP> adamm at necis.UUCP (Adam S. Moskowitz) writes:
:>
:> I have several machines on a private network used exclusively for
:> testing. Since they're just test machines, we don't bother with
:> passwords. However, ftp doesn't grok null passwords. It seems to me
:> that with a /etc/passwd entry such as "adamm::5006:. . ." ftp
:> shouldn't even ask for a password. Since it does, it should be
:> smart enough to recognize the null password the user gives.
:>
:>I think what you mean is not "null password" but "no password required".
:>Or perhaps "any password acceptable".
:>
:>Looking at RFC 959 (FTP) for clues, which you should do, it appears
:>that according to the protocol the dialog should look like
:>
:> USER adamm
:> 230 User logged in, proceed.
:>
:>rather than
:>
:> USER adamm<CRLF>
:> 331 User name okay, need password.
:> PASS <CRLF>
:> 230 User logged in, proceed.
:>
:>cause it looks from the grammar in section 5.3.2 that a password
:>is a "string" of length at least 1.
:>
:>--Ed
:>
:>Edward Vielmetti, U of Michigan math dept <emv at math.lsa.umich.edu>
:>comp.archives moderator
In all implimentions of ftpd that I've seen, they go out of their way to
block no-password ftp attempts. Why, I'm not sure.
-Jeff
--
Jeff Beadles jeff at onion.pdx.com
More information about the Comp.unix.questions
mailing list