UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The ftpusers file must exist.


Overview

Finding ID Version Rule ID IA Controls Severity
V-840 GEN004880 SV-51983r1_rule ECCD-1 ECCD-2 Medium
Description
The ftpusers file contains a list of accounts not allowed to use FTP to transfer files. If this file does not exist, then unauthorized accounts can utilize FTP.
STIG Date
Red Hat Enterprise Linux 5 Security Technical Implementation Guide 2015-06-12

Details

Check Text ( C-36189r1_chk )
Check for the existence of the ftpusers file.

Procedure:
For gssftp:
# ls -l /etc/ftpusers

For vsftp:
# ls -l /etc/vsftpd.ftpusers
or
# ls -l /etc/vsftpd/ftpusers

If the appropriate ftpusers file for the running FTP service does not exist, this is a finding.

Fix Text (F-45028r1_fix)
Create an ftpusers file appropriate for the running FTP service.
For gssftp:
Create an /etc/ftpusers file containing a list of accounts not authorized for FTP.

For vsftp:
Create an /etc/vsftpd.ftpusers or /etc/vsftpd/ftpusers (as appropriate) file containing a list of accounts not authorized for FTP.