Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place! |
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
|
05-01-2012, 01:55 PM
|
#1
|
LQ Newbie
Registered: May 2012
Posts: 2
Rep:
|
SFTP, root access, Ubuntu 12.04
So, I've done some searching and while there are similar questions already asked elsewhere in these forums, none of them had a response that was quite right for me. It's a typical setup, but I've got an Ubuntu 12.04 server ami running on an Amazon EC2 instance. I currently have SSH access under the normal ubuntu account of course, and that particular Amazon setup comes with sftp turned on my default. So, under the ubuntu user account I can login via ssh or sftp and do my thing. You all know what is coming next...
So of course, my question, is how do I set it up so that I can SFTP in with the ability to upload/download files anywhere on the server. I understand I could go through while ssh'd in and manually change permissions for every single folder, but I'd really prefer something a little less of a hassle. The solutions doesn't necessarily have to involve sftp'ing in as root, but I want a way to change the ubuntu user to have full access during sftp to upload/download anything, anywhere... or to sftp in as root. I've read just about every linux forum I can find, and I already know everyone is going to chime in with the usual 'OMG You shouldn't do that because X, Y, and Z!' and I realize that's all well and good. However, none of those lectures ever include a useful solution to to what I want to do, at best they just say 'manually do everything though an ssh login and live with it! It's what me and my grandfather had to do, and it's good enough for you whippersnappers!'. I'm not trying to be antagonistic to the linux community at large, but seriously this question elicits the most droll and unhelpful response pretty much universally without actually addressing the pure, clear fact that many people don't want to command line every single little file transfer they want to make on a modern computer... and ALSO don't want to switch to Windows! hehe
|
|
|
05-01-2012, 04:52 PM
|
#2
|
Moderator
Registered: Apr 2002
Location: earth
Distribution: slackware by choice, others too :} ... android.
Posts: 23,067
|
Welcome to LQ!
And you OMG, really shouldn't.
What you "could" do, and what I think wouldn't be too much hassle:
ssh into the server
become root
sftp to where you want to pick the files up from, and do your thing
that way.
Cheers,
Tink
|
|
1 members found this post helpful.
|
05-01-2012, 04:57 PM
|
#3
|
LQ Newbie
Registered: May 2012
Posts: 2
Original Poster
Rep:
|
So
You are saying it's more secure to sftp out from the server than sftp in from some client machine?
|
|
|
05-01-2012, 05:46 PM
|
#4
|
Moderator
Registered: Apr 2002
Location: earth
Distribution: slackware by choice, others too :} ... android.
Posts: 23,067
|
Totally ... as long as the authenticity of the client you're talking to is guaranteed
there's no issue connecting to it.
|
|
|
05-12-2012, 05:10 PM
|
#5
|
LQ Newbie
Registered: May 2012
Posts: 2
Rep:
|
Quote:
manually do everything through an ssh login and live with it
|
you don't have to, but it is a momentary security risk: if you are already admin, just enable root in your server, then go to your pc and log in with a password, i.e. ssh root@host ... once you are done, disable root ... i imagine you know what you are doing
|
|
|
05-12-2012, 05:22 PM
|
#6
|
Member
Registered: May 2008
Distribution: Gentoo, Ubuntu, RHEL, CentOS, BSD, Solaris
Posts: 82
Rep:
|
You could easily script this up. What I would do is make a 'backup' user and add them to the root group (or other highish privilege group), thus you have access to a lot of the files/folders the root user would but you would have greater control over limiting that user's ability to "do root things" should the account become compromised. I've done this many times before. Then if you script this up you can do it using keys instead of passwords (thus you don't have your root password chilling in some script). If you want a basic setup for this let me know and I can write an outline of the process and give you some commands.
|
|
|
05-14-2012, 04:52 PM
|
#7
|
Moderator
Registered: Apr 2002
Location: earth
Distribution: slackware by choice, others too :} ... android.
Posts: 23,067
|
Quote:
Originally Posted by scs
you don't have to, but it is a momentary security risk: if you are already admin, just enable root in your server, then go to your pc and log in with a password, i.e. ssh root@host ...
|
This is actually piss-poor advice, and in contradiction to any best
practice document out there. Interesting for a first post, I might add.
Quote:
once you are done, disable root ... i imagine you know what you are doing
|
Now please elaborate why one would do all of this?
Cheers,
Tink
Last edited by Tinkster; 05-14-2012 at 04:53 PM.
|
|
|
05-16-2012, 12:12 PM
|
#8
|
LQ Newbie
Registered: May 2012
Posts: 2
Rep:
|
Quote:
Now please elaborate why one would do all of this?
|
hiya Tink, i'm back in linux world after many years, so a little rusty in my manners.. if I understand right, the man wanted a way to use nautilus for his root-like connection, since...
Quote:
many people don't want to command line every single little file transfer they want to make on a modern computer
|
I believe djsoundfx has handed us a smart clue in that direction
very humbled in you honoring me with your 22 bagillionth post.. keep it up
scs
|
|
|
All times are GMT -5. The time now is 05:35 PM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|