There is the /etc/ftpusers file, which lists usernames that should not be allowed to login via FTP. This simple security measure lets you ensure that certain accounts can never login from FTP, even if a valid username and password were given. This is desirable for accounts that aren't really live user accounts, such as bin or uucp.
This file is a list of usernames, one per line. The file is loaded only once, when NcFTPd starts up, so if you need to add users you will need to restart NcFTPd for the changes to take effect.
If you want to use this feature, set u-deny-users-file to the name of the file with the forbidden user names. You are encouraged to use the filename /etc/ftpusers which is recognized by other programs for this purpose.
For a host attached to an insecure network (i.e. the Internet), I highly recommend placing the root user in this file. Generally there should not be FTP activity for the superuser, except in controlled, internal environments.
Here's an example /etc/ftpusers file:
root bin daemon adm lp sync shutdown halt mail news uucp operator games nobodyExamples:
