What is FTP ACCT command for?

4
votes

The FTP protocol has quite some commands that can be used:

ABOR - abort a file transfer
CWD - change working directory
DELE - delete a remote file
LIST - list remote files
MDTM - return the modification time of a file
MKD - make a remote directory
NLST - name list of remote directory
PASS - send password
PASV - enter passive mode
PORT - open a data port
PWD - print working directory
QUIT - terminate the connection
RETR - retrieve a remote file
RMD - remove a remote directory
RNFR - rename from
RNTO - rename to
SITE - site-specific commands
SIZE - return the size of a file
STOR - store a file on the remote host
TYPE - set transfer type
USER - send username

and

ACCT - send account information
APPE - append to a remote file
CDUP - CWD to the parent of the current directory
HELP - return help on using the server
MODE - set transfer mode
NOOP - do nothing
REIN - reinitialize the connection
STAT - return server status
STOU - store a file uniquely
STRU - set file transfer structure
SYST - return system type

What I am interested in, is the ACCT command. Even tough it is not implemented in all FTP servers, it has to come from somewhere. What is its purpose?

From RFC 959:

     ACCOUNT (ACCT)

        The argument field is a Telnet string identifying the user's
        account.  The command is not necessarily related to the USER
        command, as some sites may require an account for login and
        others only for specific access, such as storing files.  In
        the latter case the command may arrive at any time.

        There are reply codes to differentiate these cases for the
        automation: when account information is required for login,
        the response to a successful PASSword command is reply code
        332.  On the other hand, if account information is NOT
        required for login, the reply to a successful PASSword
        command is 230; and if the account information is needed for
        a command issued later in the dialogue, the server should
        return a 332 or 532 reply depending on whether it stores
        (pending receipt of the ACCounT command) or discards the
        command, respectively.

This does not help me much either. Anyone bother shedding some light into this?

Is it just a possibility to pass a string to be matched on the server?
I.e. to create groups which be be given different access rights or something?

1
ftpprotocolsrfc
The string in question, what it means, and what it is used for, depends on the ftp server software. It could be something identifying which OS user that logs in, or some other type of account.Lasse V. Karlsen
What was it's intention, when it got into the RFC?sjas
To be able to identify the account to be used, separately from the USER specification.Lasse V. Karlsen
What is the difference then between USER and ACCT? (...)sjas
USER specifies the user used for authorization. Once authorized the user might need to select between various accounts it has. While this might not be a common use case with most servers, remember that ftp is not only usable for systems where each user has only a single account, but that its a really old protocol and was developed in mind with mainframes, VMS and others which might be different or more flexible when separating authorization and account.Steffen Ullrich

1 Answers

5
votes

USER specifies the user used for authorization. Once authorized the user might need to select between various accounts it has. While this might not be a common use case with most servers, remember that ftp is not only usable for systems where each user has only a single account, but that its a really old protocol and was developed in mind with mainframes, VMS and others which might be different or more flexible when separating authorization and account.