Configuring anonymous File Transfer Protocol

Anonymous File Transfer Protocol (FTP) enables remote users to use the FTP server without an assigned user ID and password.

Anonymous FTP enables unprotected access (no password required) to selected information about a remote system. The remote site determines what information is made available for general access. Such information is considered to be publicly accessible and can be read by anyone. It is the responsibility of the person who owns the information and the system to assure that only appropriate information is made available.

To access this information, a user logs on to the hosts using the user ID ANONYMOUS. The user ANONYMOUS has limited access rights to the files on the FTP server and has some operating restrictions. Typically, the following operations are only operations allowed.

Typically, anonymous users are not allowed to transfer files to the FTP server. Some systems do provide an incoming directory for anonymous users to send data to. Traditionally, the special anonymous user account accepts a string as a password, although it is common to use either the password guest or one's e-mail address. Some archive sites explicitly ask for the user's e-mail address and do not allow logon with the guest password. Providing an e-mail address is a courtesy that allows the archive site operators to get some idea of who is using their services.

Anonymous FTP on the IBM i operating system

The File Transfer Protocol (FTP) server does not use anonymous FTP. To set up anonymous FTP on the IBM® i operating system, you need to provide exit programs for the FTP server logon exit point and the FTP Request Validation exit point.

You might want to provide anonymous FTP because it is a convenient and often necessary service. However, using anonymous FTP raises security concerns for the system.

  1. Preparing for anonymous File Transfer Protocol
    To set up your anonymous File Transfer Protocol (FTP), you need to be aware of certain security considerations.
  2. Writing exit programs for anonymous File Transfer Protocol
    To use anonymous File Transfer Protocol (FTP) on the IBM i operating system, you need to write two exit programs: FTP Server Logon exit program and FTP Server Request Validation exit program.
  3. Creating an IBM i user profile: ANONYMOUS
    To prevent anyone from signing on to the IBM i operating system with the user profile ANONYMOUS directly, you need to create a user profile of ANONYMOUS and assign it a password of *NONE.
  4. Creating a public library or directory
    After creating anonymous users, you might want to create a public library or directory for them to use. Typically anonymous users should only be able to access public files.
  5. Installing and registering exit programs
    You can create a library to contain your exit programs and their log files, compile the programs, and register them for use by the File Transfer Protocol (FTP) server.
Parent topic: Configuring the File Transfer Protocol server
Related concepts:
Managing access using File Transfer Protocol exit programs
Controlling File Transfer Protocol access
Related reference:
FTP server logon exit point