Enabling and Disabling ftp services on Solaris

For security purposes, administrators may wish to disable ftp on a given Solaris system. This article provides the simple steps necessary to perform this task under Solaris 8 & 9 [updated for Solaris 10 & 11]

Solaris 8 and Solaris 9

  • Confirm ftp is enabled or disabled:
    root@sol9# grep ftp /etc/inetd.conf
    ftp	stream	tcp	nowait	root	/usr/sbin/tcpd	in.ftpd -l -a
    If the ftp string is commented out (preceeded with #), then ftp is disabled else it is enabled.
  • To disable ftp, edit /etc/inetd.conf and comment out the ftp string, ie:
    #ftp	stream	tcp	nowait	root	/usr/sbin/tcpd	in.ftpd -l -a
    then run
    root@sol9# kill -HUP inetd
  • To enable ftp, edit /etc/inetd.conf and uncomment the ftp string, ie
    ftp	stream	tcp	nowait	root	/usr/sbin/tcpd	in.ftpd -l -a
    then perform
    root@sol9# kill -HUP inetd

Solaris 10

  • Confirm ftp is enabled or not
    root@sol10# inetadm | grep ftp
    enabled   online         svc:/network/ftp:default
  • To disable ftp, perform:
    root@sol10# inetadm -d ftp
  • To enable ftp, perform:
    root@sol10# inetadm -e ftp
  • To list details about ftp:
    root@sol10# inetadm -l ftp

Solaris 11

  • Confirm state of ftp:
    root@sol11# svcs -a | grep ftp
  • To disable ftp, perform:
    root@sol11# svcadm disable  svc:/network/ftp:default
  • to enable ftp, perform:
    root@sol11# svcadm enable  svc:/network/ftp:default
  • To list details about ftp:
    root@sol11# svcs -l svc:/network/ftp:default
    root@sol11# svcs -xv svc:/network/ftp:default