LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 12-12-2012, 04:49 AM   #1
Glop
LQ Newbie
 
Registered: Dec 2012
Posts: 2

Rep: Reputation: Disabled
WinSCP, sudo & SFTP: can't get them all working together


Complete beginner here.

I'm using Ubuntu 12.10, trying to allow WinSCP to connect with root access (I'm using keys, not passwords). I've been following the steps in the WinSCP FAQ, and this post:

Quote:
I fought with this today and came up with the following solution:

Add a line to your sudoers file:
username ALL=NOPASSWD: /usr/lib/openssh/sftp-server

Then in the SFTP setup section of WinSCP edit the session SFTP server:
sudo /usr/lib/openssh/sftp-server

Boom, root access to file system via WinSCP.
HTH,
Clint
from a thread on the WinSCP forums.

I've added the line to my sudoers file so it looks like this:
Quote:
# User privilege specification
root ALL=(ALL:ALL) ALL
chris ALL=NOPASSWD: /usr/lib/openssh/sftp-server
and I've set up the SFTP in WinSCP as directed.

Connection and authentication seems to work fine until trying to use sudo. WinSCP gives me this message after the key is authenticated:
Quote:
Cannot initialize SFTP protocol. Is the host running a SFTP server?
My auth.log shows this:

Quote:
sshd[3070]: Accepted publickey for chris from 27.xxx.xxx.xxx port 51868 ssh2
sudo: pam_unix(sudo:auth): conversation failed
sudo: pam_unix(sudo:auth): auth could not identify password for [chris]
sshd[3079]: Accepted publickey for chris from 27.xxx.xxx.xxx port 51899 ssh2
sudo: pam_unix(sudo:auth): conversation failed
sudo: pam_unix(sudo:auth): auth could not identify password for [chris]
I've also tried changing the additional line in sudoers to
Quote:
chris ALL=NOPASSWD: ALL
with the same results.

Connecting without trying to use sudo works fine.

Can anyone let me know how I'm messing this up? Seems it should be fairly simple, but it's been causing me quite a few headaches.

Thanks
 
Old 12-12-2012, 12:28 PM   #2
Glop
LQ Newbie
 
Registered: Dec 2012
Posts: 2

Original Poster
Rep: Reputation: Disabled
Found the problem. In case anyone else happens to experience the same thing, the line:
Quote:
yourusername ALL=NOPASSWD: /usr/lib/openssh/sftp-server
needs to go under the admin group section like so:
Quote:
# Members of the admin group may gain root privileges
%admin ALL=(ALL) ALL
yourusername ALL=NOPASSWD: /usr/lib/openssh/sftp-server
not under the user privilege specification.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
[SOLVED] Running WinSCP with sudo su to non-root user MensaWater Linux - General 10 10-17-2012 04:27 PM
SFTP logging for Chroot on CentOS 6.2 with openssh-5.3 not working (internal-sftp) RatherBFishin Linux - Server 1 08-30-2012 07:45 PM
Why is nohup ... & not Working When Script is Running sftp? cnewtonne Linux - Server 1 11-23-2009 01:26 PM
SFTP - CyberDuck doesn't work, but WinSCP does? Server exited on signal "PIPE"? dragos19 Other *NIX 1 10-04-2008 05:52 PM
Group Permissions not working when using WinSCP Drokare Linux - Security 2 04-08-2008 03:38 AM


All times are GMT -5. The time now is 03:56 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration