LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 05-01-2012, 01:55 PM   #1
vakisari
LQ Newbie
 
Registered: May 2012
Posts: 2

Rep: Reputation: Disabled
SFTP, root access, Ubuntu 12.04


So, I've done some searching and while there are similar questions already asked elsewhere in these forums, none of them had a response that was quite right for me. It's a typical setup, but I've got an Ubuntu 12.04 server ami running on an Amazon EC2 instance. I currently have SSH access under the normal ubuntu account of course, and that particular Amazon setup comes with sftp turned on my default. So, under the ubuntu user account I can login via ssh or sftp and do my thing. You all know what is coming next...

So of course, my question, is how do I set it up so that I can SFTP in with the ability to upload/download files anywhere on the server. I understand I could go through while ssh'd in and manually change permissions for every single folder, but I'd really prefer something a little less of a hassle. The solutions doesn't necessarily have to involve sftp'ing in as root, but I want a way to change the ubuntu user to have full access during sftp to upload/download anything, anywhere... or to sftp in as root. I've read just about every linux forum I can find, and I already know everyone is going to chime in with the usual 'OMG You shouldn't do that because X, Y, and Z!' and I realize that's all well and good. However, none of those lectures ever include a useful solution to to what I want to do, at best they just say 'manually do everything though an ssh login and live with it! It's what me and my grandfather had to do, and it's good enough for you whippersnappers!'. I'm not trying to be antagonistic to the linux community at large, but seriously this question elicits the most droll and unhelpful response pretty much universally without actually addressing the pure, clear fact that many people don't want to command line every single little file transfer they want to make on a modern computer... and ALSO don't want to switch to Windows! hehe
 
Old 05-01-2012, 04:52 PM   #2
Tinkster
Moderator
 
Registered: Apr 2002
Location: earth
Distribution: slackware by choice, others too :} ... android.
Posts: 23,067
Blog Entries: 11

Rep: Reputation: 928Reputation: 928Reputation: 928Reputation: 928Reputation: 928Reputation: 928Reputation: 928Reputation: 928
Welcome to LQ!

And you OMG, really shouldn't.


What you "could" do, and what I think wouldn't be too much hassle:
ssh into the server
become root
sftp to where you want to pick the files up from, and do your thing
that way.


Cheers,
Tink
 
1 members found this post helpful.
Old 05-01-2012, 04:57 PM   #3
vakisari
LQ Newbie
 
Registered: May 2012
Posts: 2

Original Poster
Rep: Reputation: Disabled
So

You are saying it's more secure to sftp out from the server than sftp in from some client machine?
 
Old 05-01-2012, 05:46 PM   #4
Tinkster
Moderator
 
Registered: Apr 2002
Location: earth
Distribution: slackware by choice, others too :} ... android.
Posts: 23,067
Blog Entries: 11

Rep: Reputation: 928Reputation: 928Reputation: 928Reputation: 928Reputation: 928Reputation: 928Reputation: 928Reputation: 928
Totally ... as long as the authenticity of the client you're talking to is guaranteed
there's no issue connecting to it.
 
Old 05-12-2012, 05:10 PM   #5
scs
LQ Newbie
 
Registered: May 2012
Posts: 2

Rep: Reputation: Disabled
Quote:
manually do everything through an ssh login and live with it
you don't have to, but it is a momentary security risk: if you are already admin, just enable root in your server, then go to your pc and log in with a password, i.e. ssh root@host ... once you are done, disable root ... i imagine you know what you are doing
 
Old 05-12-2012, 05:22 PM   #6
djsoundfx
Member
 
Registered: May 2008
Distribution: Gentoo, Ubuntu, RHEL, CentOS, BSD, Solaris
Posts: 82

Rep: Reputation: 23
You could easily script this up. What I would do is make a 'backup' user and add them to the root group (or other highish privilege group), thus you have access to a lot of the files/folders the root user would but you would have greater control over limiting that user's ability to "do root things" should the account become compromised. I've done this many times before. Then if you script this up you can do it using keys instead of passwords (thus you don't have your root password chilling in some script). If you want a basic setup for this let me know and I can write an outline of the process and give you some commands.
 
Old 05-14-2012, 04:52 PM   #7
Tinkster
Moderator
 
Registered: Apr 2002
Location: earth
Distribution: slackware by choice, others too :} ... android.
Posts: 23,067
Blog Entries: 11

Rep: Reputation: 928Reputation: 928Reputation: 928Reputation: 928Reputation: 928Reputation: 928Reputation: 928Reputation: 928
Quote:
Originally Posted by scs View Post
you don't have to, but it is a momentary security risk: if you are already admin, just enable root in your server, then go to your pc and log in with a password, i.e. ssh root@host ...
This is actually piss-poor advice, and in contradiction to any best
practice document out there. Interesting for a first post, I might add.


Quote:
once you are done, disable root ... i imagine you know what you are doing
Now please elaborate why one would do all of this?


Cheers,
Tink

Last edited by Tinkster; 05-14-2012 at 04:53 PM.
 
Old 05-16-2012, 12:12 PM   #8
scs
LQ Newbie
 
Registered: May 2012
Posts: 2

Rep: Reputation: Disabled
Quote:
Now please elaborate why one would do all of this?
hiya Tink, i'm back in linux world after many years, so a little rusty in my manners.. if I understand right, the man wanted a way to use nautilus for his root-like connection, since...

Quote:
many people don't want to command line every single little file transfer they want to make on a modern computer
I believe djsoundfx has handed us a smart clue in that direction

very humbled in you honoring me with your 22 bagillionth post.. keep it up

scs
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
how do i regain root access on ubuntu? tongsak77 Linux - Newbie 6 12-19-2011 01:03 PM
[SOLVED] Ubuntu: How do you give sftp root privilege to user? shokemyster Linux - Newbie 17 09-23-2010 01:31 AM
FTP/SFTP write access denied on Ubuntu Server prudens Linux - Newbie 1 07-18-2009 11:50 AM
Setting up sftp access to a part of my home dir, don't have root permissions frankie_DJ Linux - Networking 3 02-06-2007 10:17 AM
root access on ubuntu/kubuntu? nightwalker1977 Linux - Software 5 11-18-2006 12:48 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 05:35 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration