Ubuntu: How do you give sftp root privilege to user?
Hello folks,
This is my first thread ever to make on the linux forum, and I just began using linux Ubuntu Lucid for my server. Please bare with me because I think I am questioning such a basic question. How do you give sftp root privilege to user? I've made group "admin" and made 2 users under that group. Trying to upload a file onto a server using SFTP with one of the user and it fails and says "Permission denied." I gave full sudo/root permission to the group "admin" from /usr/sbin/visudo I mainly use Tranmit4 but I also have filezilla. Or is there a way to run sudo command on either ftp client application? Please advise. Thank you all! |
Quote:
paste your ftp configuration here Regards, |
Quote:
There is a permission file to configure for FTP connection!? How do you do that? |
Im not sure which ftp server you are using but your configuration file would be in /etc some where. What ftp server are you using.
|
If you got vsftp then it is /etc/vsftpd.conf
|
Quote:
|
Thank you guys for reply.
I didn't even installed vsftpd... But I was able to access the SFTP with my SSH users and root. Anyhow, I just installed vsftpd, googled a little bit on it(found this page: http://www.linuxhomenetworking.com/w...P_Server_Setup), but I can't even access to FTP server thats ran by vsftpd...(I can log on with my SSH users still of course) Before I get to the question I've stated, can anyone tell me good article on install VSFTPD on Ubuntu? There are so many but I've found none that goes into depth such as config on iptables and etc... |
Another question.
Is accessing onto the server with SFTP protocol with SSH root and accessing onto FTP server thats ran by VSFTPD different? (I installed VSFTPD but I can't even access to it.) Doesn't being able to access SFTP with SSH root means there is a ftp server already built in? Or SFTP with SSH root with a FTP client is an another way of login into SSH like on the terminal?(just different appearance I suppose?) Sorry for a dumb question... |
Thank you for an advise Hangdog42.
Okay, I think what I have said might have over exaggerated the thing I want to achieve. I'll put your advise in my head for future reference. I appreciate it. And what I'm trying to achieve is to run a ftp server, create ftp user, set password, login onto the server with SFTP, and making that user being able to read, list, make, delete(pretty much all file execution). it'll be awesome if you guys could help up set up the vsftpd as well... I've set the iptables for FTP Quote:
Quote:
Thank you everybody for spending time for my help. I really appreciate it. |
Quote:
pasv_min_port=50000 pasv_max_port=51000 That fixes the passive ports and in my firewall I've got this set of rules: Code:
iptables -N FTPBAN |
Quote:
|
As above, SFTP & FTP (+/- S) are very different. sftp is a built-in part of the ssh pkg (along with scp) and runs on port 22. Has absolutely nothing to do with 'normal' FTP as used by eg vsftpd.
Start by deciding which you are going to use eg sftp and remove vsftpd before you get any more confused. As recommended, don't allow root access via any ssh tool; its proabably the most popular target for crackers. Instead, use your own id with a strong passwd, then su - up to root (another strong passwd for root) if you need root powers later. Filezilla works well for sftp :) |
Thank you Hangdog2 for detailed information.
I appreciate it a lot. I'm remotely controlling the hosted linux server so it seems like I need to set the config for passives. and chrism01, thank you for replying too. Yes, I'm very confused now. FTP transfer is the most important thing for me when it comes to server. So I want to clear everything... I thought I was a geek enough to manage and run Linux server from scratch but there are so much to learn then I thought... And what do you mean by Quote:
But I'm still confused :( Okay, so please tell me if I'm stating the right thing or not. SFTP is part of the SSH connection and when you connect with user, user does NOT have permission to any file, unless the file or folder was made by the user. For FTP or FTPS, the user privilege is controlled by the user config, and file/folder permission matters for editing. Thank you guys for your support!!! :D |
Quote:
Quote:
So now I'm going to throw one more thing your way. Security. Since you will be exposing SSH and potentially FTP to the Internet, you do need to think about detecting and mitigating the brute force attacks that are going to come. So some of the questions you need to think about are: - Will you use password or key-based SSH authentication? - Do you have a way of monitoring what files get uploaded? - Can you lock down access to specific IP addresses? - Do you have a process for installing patches and upgrading the system? - Do you have a backup/restore strategy in place in case the worst happens? - Have you completely and totally eliminated the chance for root to log in via SSH or FTP? - Do you have a process for monitoring logs? - Have you shut down all unneeded services? |
Sorry everyone for replying late.
I was figuring out the whole vsftpd working. Hangdog42, when I was going through your questions, I figured I need to do SSL connection for vsftpd, because I'm going to connect from the internet. I was able to access the ftp server fine, until I added ssl_enable=YES. Here is my vsftpd.conf and iptables. (I changed ports to something unpredictable for better security) Quote:
Quote:
Please help. |
All times are GMT -5. The time now is 08:50 AM. |