Why can't users connect with SFTP/SSH

5 posts / 0 new
Last post
#1 Sun, 02/18/2007 - 20:42
Blueforce

Why can't users connect with SFTP/SSH

Hi Joe,

Our server don't have FTP(ProFTPd) running, we use SFTP(FTP over SSH), root and all domain owners can log in just fine. If I enable FTP for a regular user or create a new FTP user they can not log in with SFTP.

We have some users that want to upload/downlod files to/from a "private" folder for use by their employees and we want them to have their own login, NOT the server owner login and pwd.

Is it possible to use SFTP/SSH for regular users with FTP access or for FTP users, or do I have to start up ProFTPd and use regular FTP?

Regards, Leif

Mon, 02/19/2007 - 17:14
Joe
Joe's picture

Hey Leif,

You just need to change their shell (probably to /bin/sh or /bin/bash) to something other than /bin/false or /dev/null. SSH doesn't need any specific configuration for new users.

You definitely don't need to enable ProFTPd, and I don't recommend enabling FTP if your users are capable of using alternatives.

--

Check out the forum guidelines!

Tue, 02/20/2007 - 04:19 (Reply to #2)
Blueforce

Hi Joe,

Thanks!
Now it works! :-)
Does it matter which one I use, /bin/sh or /bin/bash, both seems to work ok.

Another thing, can i use 0750 for folders within /home?
Our box is Fedora Core 4 and Virtualmin Pro.

Regards,
Leif

Fri, 02/23/2007 - 13:22 (Reply to #3)
Joe
Joe's picture

Hey Leif,

On most Linux systems sh is a link to bash, but the fact that it's called sh might put bash into compatibility mode. Just to be sure you get all the cool new stuff in bash, go for /bin/bash. It's the One True Shell. ;-)

On a related note, one of my favorite additions to bash is a package called "bash-completion". It absolutely rules, and I install it wherever I go. It'll auto-complete things like hostnames (pulling the options from your ssh known_hosts file), files based on type (so it'll only complete with tar/tar.gz files when tar is the command...though this makes working with gzipped .wbm modules a nuisance, it is otherwise dreamy). It's in Fedora Extras for Fedora, and in universe on Debian/Ubuntu. You can also install it locally, for use by only one person. The website is here:

http://www.caliban.org/bash/

It has lots of other tips about making the most of bash.

--

Check out the forum guidelines!

Fri, 02/23/2007 - 13:24 (Reply to #4)
Joe
Joe's picture

Oh, yeah...on the permissions front. I'm rolling out a new Dovecot version 1.0rc15 today for at least CentOS/RHEL 4. If that goes well, I'll also roll it out for Fedora Core 4 and 5 tonight or tomorrow.

At that point, you'll be able to set homes to 0750. I'm looking forward to getting that one finally wrapped up!

--

Check out the forum guidelines!