Visit Jeremy's Blog.
Go Back > Forums > Linux Forums > Linux - Newbie
User Name
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!


  Search this Thread
Old 12-12-2012, 03:49 AM   #1
LQ Newbie
Registered: Dec 2012
Posts: 4

Rep: Reputation: Disabled
WinSCP, sudo & SFTP: can't get them all working together

Complete beginner here.

I'm using Ubuntu 12.10, trying to allow WinSCP to connect with root access (I'm using keys, not passwords). I've been following the steps in the WinSCP FAQ, and this post:

I fought with this today and came up with the following solution:

Add a line to your sudoers file:
username ALL=NOPASSWD: /usr/lib/openssh/sftp-server

Then in the SFTP setup section of WinSCP edit the session SFTP server:
sudo /usr/lib/openssh/sftp-server

Boom, root access to file system via WinSCP.
from a thread on the WinSCP forums.

I've added the line to my sudoers file so it looks like this:
# User privilege specification
chris ALL=NOPASSWD: /usr/lib/openssh/sftp-server
and I've set up the SFTP in WinSCP as directed.

Connection and authentication seems to work fine until trying to use sudo. WinSCP gives me this message after the key is authenticated:
Cannot initialize SFTP protocol. Is the host running a SFTP server?
My auth.log shows this:

sshd[3070]: Accepted publickey for chris from port 51868 ssh2
sudo: pam_unix(sudo:auth): conversation failed
sudo: pam_unix(sudo:auth): auth could not identify password for [chris]
sshd[3079]: Accepted publickey for chris from port 51899 ssh2
sudo: pam_unix(sudo:auth): conversation failed
sudo: pam_unix(sudo:auth): auth could not identify password for [chris]
I've also tried changing the additional line in sudoers to
with the same results.

Connecting without trying to use sudo works fine.

Can anyone let me know how I'm messing this up? Seems it should be fairly simple, but it's been causing me quite a few headaches.

Old 12-12-2012, 11:28 AM   #2
LQ Newbie
Registered: Dec 2012
Posts: 4

Original Poster
Rep: Reputation: Disabled
Found the problem. In case anyone else happens to experience the same thing, the line:
yourusername ALL=NOPASSWD: /usr/lib/openssh/sftp-server
needs to go under the admin group section like so:
# Members of the admin group may gain root privileges
%admin ALL=(ALL) ALL
yourusername ALL=NOPASSWD: /usr/lib/openssh/sftp-server
not under the user privilege specification.


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
[SOLVED] Running WinSCP with sudo su to non-root user MensaWater Linux - General 10 10-17-2012 03:27 PM
SFTP logging for Chroot on CentOS 6.2 with openssh-5.3 not working (internal-sftp) RatherBFishin Linux - Server 1 08-30-2012 06:45 PM
Why is nohup ... & not Working When Script is Running sftp? cnewtonne Linux - Server 1 11-23-2009 12:26 PM
SFTP - CyberDuck doesn't work, but WinSCP does? Server exited on signal "PIPE"? dragos19 Other *NIX 1 10-04-2008 04:52 PM
Group Permissions not working when using WinSCP Drokare Linux - Security 2 04-08-2008 02:38 AM > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 08:08 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration