So, I've done some searching and while there are similar questions already asked elsewhere in these forums, none of them had a response that was quite right for me. It's a typical setup, but I've got an Ubuntu 12.04 server ami running on an Amazon EC2 instance. I currently have SSH access under the normal ubuntu account of course, and that particular Amazon setup comes with sftp turned on my default. So, under the ubuntu user account I can login via ssh or sftp and do my thing. You all know what is coming next...

So of course, my question, is how do I set it up so that I can SFTP in with the ability to upload/download files anywhere on the server. I understand I could go through while ssh'd in and manually change permissions for every single folder, but I'd really prefer something a little less of a hassle. The solutions doesn't necessarily have to involve sftp'ing in as root, but I want a way to change the ubuntu user to have full access during sftp to upload/download anything, anywhere... or to sftp in as root. I've read just about every linux forum I can find, and I already know everyone is going to chime in with the usual 'OMG You shouldn't do that because X, Y, and Z!' and I realize that's all well and good. However, none of those lectures ever include a useful solution to to what I want to do, at best they just say 'manually do everything though an ssh login and live with it! It's what me and my grandfather had to do, and it's good enough for you whippersnappers!'. I'm not trying to be antagonistic to the linux community at large, but seriously this question elicits the most droll and unhelpful response pretty much universally without actually addressing the pure, clear fact that many people don't want to command line every single little file transfer they want to make on a modern computer... and ALSO don't want to switch to Windows! hehe

Welcome to LQ!

And you OMG, really shouldn't.


What you "could" do, and what I think wouldn't be too much hassle:
ssh into the server
become root
sftp to where you want to pick the files up from, and do your thing
that way.


Cheers,
Tink

1 members found this post helpful.

You are saying it's more secure to sftp out from the server than sftp in from some client machine?

Totally ... as long as the authenticity of the client you're talking to is guaranteed
there's no issue connecting to it.

you don't have to, but it is a momentary security risk: if you are already admin, just enable root in your server, then go to your pc and log in with a password, i.e. ssh root@host ... once you are done, disable root ... i imagine you know what you are doing

You could easily script this up. What I would do is make a 'backup' user and add them to the root group (or other highish privilege group), thus you have access to a lot of the files/folders the root user would but you would have greater control over limiting that user's ability to "do root things" should the account become compromised. I've done this many times before. Then if you script this up you can do it using keys instead of passwords (thus you don't have your root password chilling in some script). If you want a basic setup for this let me know and I can write an outline of the process and give you some commands.

This is actually piss-poor advice, and in contradiction to any best
practice document out there. Interesting for a first post, I might add.


Now please elaborate why one would do all of this?


Cheers,
Tink

hiya Tink, i'm back in linux world after many years, so a little rusty in my manners.. if I understand right, the man wanted a way to use nautilus for his root-like connection, since...

I believe djsoundfx has handed us a smart clue in that direction

very humbled in you honoring me with your 22 bagillionth post.. keep it up

scs