APPLICABLE PRODUCTS
All Ethernet based Anybus CompactCom products
PRE-REQUISITES
Ethernet based Anybus CompactCom 30 / Anybus CompactCom 40
SOLUTION DESCRIPTION
You can restrict access to the FTP server in an Anybus CompactCom by means of user accounts. To do this, you simply need to add an ftp.cfg file containing account credentials (username:password:authorized directory) to the file system root.
This is an example content of a ftp.cfg file :
admin:admin:\
user1:password1:\styles
user2:password2:\logs
user3:password3:\firmware
You can also replace the username:password part by a path to a file that contains several username:password pairs, like \path\userlistA:HomedirectoryA.
This is useful, especially when you want to give several users access to one directory exclusively.
To log into a session you type username:password@<IP address>.
In the previous example, admin will have access to the root of the file system, and therefore to all the files and directories in it. On the other hand, user1, user2 and user3 will only have access to \styles, \logs, and \firmware, respectively.
We simply add the ftp.cfg file from our example to the root of the file system, and the next time we try to access the server, only the users having their accounts in ftp.cfg will be able to access it using their credentials.
Here are some screenshots depicting the process:
We initialize our module to WAIT_PROCESS, and it becomes available on the network.
We open the FTP server's directory root and copy the ftp.cfg containing the accounts shown in our example.
When we reinitialize the module and try to access the FTP server's directory root again, we get prompted to enter the admin's credentials.
Alternatively, we could also access the root by directly entering admin:admin@192.168.1.112 in the address bar.
When we type user2:password2@192.168.1.112, we are directly redirected to the \logs directory, which is the only one user2 has access to.
Another interesting outcome of securing your Anybus CompactCom's FTP server with user account is that only those users that have access to the \firmware directory can perform automatic firmware updates using Firmware Manager II.
After adding the previous ftp.cfg file, here is what we obtain when we launch Firmware Manager II.
Then we have to log in with a user that has access to the \firmware directory.
If we try logging in with a user that does not have access to \firmware, the login credentials will simply be ignored. Since admin has access to the root of the FTP server, it also has access to the \firmware directory. However, we can also log in with user3, who only has access to \firmware.
Our module is no longer grayed out, and we can proceed to perform the firmware update.