Configuring the Solaris FTP server to log extended data


I periodically use the stock Solaris FTP server on some of my servers, especially when I need to move tons of data around. Enabling the ftp service in Solaris is a snap:

$ svcadm enable network/ftp

The default ftp configuration leaves a lot to be desired, especially when you consider that nothing is logged. To configure the FTP daemon to log logins, transferred files and the commands sent to the server, you can enter the svccfg shell and add some additional options to the in.ftpd command line:

$ svccfg

svc:>select ftp
svc:/network/ftp>setprop inetd_start/exec="/usr/sbin/in.ftpd -a -l -L -X -w"
svc:/network/ftp>listprop

The “-a” option will enable the use of the ftpaccess file, the “-l” option will log each FTP session, the “-L” option will log all commands sent to the server, the “-X” option will cause all file accesses to be logged to syslog, and the “-w” option will record the logins to the wtmpx file. Since most of this information is logged using the daemon facility and info log level, you will need to add a daemon.info entry to /etc/syslog.conf if you want the data to be logged to a file (or to a remote log server). To force the changes listed above to take effect, you will need to restart the inetd, system-log and ftp services:

$ svcadm restart inetd

$ svcadm restart network/ftp

$ svcadm restart system-log

Now each time an FTP transfer occurs, you will get entries similar to the following in the system log:

Nov 24 17:46:32 prefetch01 ftpd[9304]: [ID 716067 daemon.info] AUTH GSSAPI
Nov 24 17:46:32 prefetch01 ftpd[9304]: [ID 716067 daemon.info] AUTH KERBEROS_V4
Nov 24 17:46:32 prefetch01 ftpd[9304]: [ID 165209 daemon.info] USER prefetch
Nov 24 17:46:32 prefetch01 ftpd[9304]: [ID 125383 daemon.info] PASS password
Nov 24 17:46:32 prefetch01 ftpd[9304]: [ID 124999 daemon.info] FTP LOGIN FROM 1.2.3.4 [1.2.3.4], backup
Nov 24 17:46:32 prefetch01 ftpd[9304]: [ID 470890 daemon.info] SYST
Nov 24 17:48:42 prefetch01 ftpd[9304]: [ID 225560 daemon.info] QUIT
Nov 24 17:48:42 prefetch01 ftpd[9304]: [ID 528697 daemon.info] FTP session closed
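
Once these entries are landing in a file, they can be rolled up into one record per session for review. The following is an added example, not part of the original post: it groups ftpd lines by host and PID and reports the source address, account, command list and duration. The names summarize_sessions and SAMPLE_LOG are made up for illustration, and the parser assumes the line layout shown in the sample above.

```python
import re
from datetime import datetime

# Sample input: the eight syslog lines shown in the article.
SAMPLE_LOG = """\
Nov 24 17:46:32 prefetch01 ftpd[9304]: [ID 716067 daemon.info] AUTH GSSAPI
Nov 24 17:46:32 prefetch01 ftpd[9304]: [ID 716067 daemon.info] AUTH KERBEROS_V4
Nov 24 17:46:32 prefetch01 ftpd[9304]: [ID 165209 daemon.info] USER prefetch
Nov 24 17:46:32 prefetch01 ftpd[9304]: [ID 125383 daemon.info] PASS password
Nov 24 17:46:32 prefetch01 ftpd[9304]: [ID 124999 daemon.info] FTP LOGIN FROM 1.2.3.4 [1.2.3.4], backup
Nov 24 17:46:32 prefetch01 ftpd[9304]: [ID 470890 daemon.info] SYST
Nov 24 17:48:42 prefetch01 ftpd[9304]: [ID 225560 daemon.info] QUIT
Nov 24 17:48:42 prefetch01 ftpd[9304]: [ID 528697 daemon.info] FTP session closed
"""

LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) (?P<host>\S+) ftpd\[(?P<pid>\d+)\]: "
    r"\[ID \d+ \S+\] (?P<msg>.*)$")
LOGIN_RE = re.compile(r"^FTP LOGIN FROM (\S+) \[(\S+)\], (\S+)$")

def parse_ts(ts):
    # Syslog omits the year; assume 2000 (a leap year) so in-session intervals work.
    return datetime.strptime("2000 " + ts, "%Y %b %d %H:%M:%S")

def summarize_sessions(text):
    """Group ftpd syslog lines by (host, pid); return one summary dict per session."""
    sessions = {}
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # not an ftpd line in the layout shown above
        when, msg = parse_ts(m["ts"]), m["msg"]
        s = sessions.setdefault((m["host"], m["pid"]), {
            "host": m["host"], "pid": int(m["pid"]), "start": when,
            "source_ip": None, "account": None, "commands": [], "closed": False})
        s["end"] = when
        login = LOGIN_RE.match(msg)
        if login:
            s["source_ip"], s["account"] = login.group(2), login.group(3)
        elif msg == "FTP session closed":
            s["closed"] = True
        else:
            verb = msg.split(" ", 1)[0]
            # Keep only the verb for PASS so its argument never reaches the report.
            s["commands"].append(verb if verb == "PASS" else msg)
    for s in sessions.values():
        s["duration_s"] = int((s["end"] - s["start"]).total_seconds())
    return list(sessions.values())
```

Pass summarize_sessions() the contents of whatever file your daemon.info entry writes to; sessions whose "closed" field is False never logged "FTP session closed" within the input.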

While FTP isn’t to be relied on for 99% of what we do, it definitely still has its place.

This article was posted by Matty on 2009-11-24 19:29:00 -0400