Linux - Server This forum is for the discussion of Linux Software used in a server related context. |
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
 |
02-11-2011, 08:43 AM
|
#1
|
Member
Registered: Aug 2007
Posts: 346
Rep:
|
rsync using www as user gives ssh error
we have a few webservers with a lot of sites. Apache is run as www as is all the files/folders. People are uploading via FTP, scp, so the problem is if I chmod so everyone can read, then rsync as a user it works until new files are added which then my ;
if rsync ..... fails with a permission denied.
Now... I can add a chmod in the script so everyone can read, but since www can already read, I figured I would just change my script to use www. I added the ssh key to his authorized_keys file, but when I try to just ssh in I see this in the secure file;
server sshd[29539]: User www not allowed because account is locked
sshd[29539]: Failed none for invalid user www from ip port 54983 ssh2
Now I read a few places already saying I need to add a password to the account, etc. but before I jump and try all I read, 1st major one, will this now break apache? Will this affect any startup things, etc. and .... will that unlock that user for ssh in or is there another preferred method?
Thanks.
|
|
|
02-11-2011, 12:00 PM
|
#2
|
LQ Newbie
Registered: Feb 2011
Posts: 27
Rep:
|
Check it on /etc/passwd what's the shell of the www user.
Generally, the shell of the www user is /bin/false or something like that. Then you must change to /bin/bash.
[]'s
Rafa
Linux, Linux and Linux! Suporte Linux
|
|
|
02-11-2011, 12:23 PM
|
#3
|
Member
Registered: Aug 2007
Posts: 346
Original Poster
Rep:
|
Sorry, I should have posted that, but no it's correct;
www:x:501:501::/home/www:/bin/bash
As I said, due to that exact error, it seemed www doesn't have a PW, I'm just concerned if I create a PW, then restart the box, etc. will processes and such not start, etc.
|
|
|
02-11-2011, 12:36 PM
|
#4
|
Senior Member
Registered: Dec 2004
Location: Marburg, Germany
Distribution: openSUSE 15.2
Posts: 1,339
|
What's in /etc/shadow? When there in an exclamation mark in front of the password entry, then the account is locked.
|
|
|
02-11-2011, 01:20 PM
|
#5
|
Member
Registered: Aug 2007
Posts: 346
Original Poster
Rep:
|
@Reuti, as you have guessed, yes there is.
www:!!:13601:0:99999:7:::
Now I will re-word the question. From the initial post/error and searching it seemed that www accounts was locked (confirmed as you said via the shadow file). The question (now re-worded a bit better) is can I unlock that user w/o having to create a password? I am using rsync + ssh and auth key's so want to go from server1 -> server2 as www, to copy the data over. I don't want to have to create a password which may affect other things, so can I simply unlock the account?
Thanks.
|
|
|
02-11-2011, 01:24 PM
|
#6
|
Senior Member
Registered: Dec 2004
Location: Marburg, Germany
Distribution: openSUSE 15.2
Posts: 1,339
|
Yes, replace the !! with a * will enable it again. The login by ssh-key should work then, and there is no password set.
|
|
|
02-11-2011, 03:08 PM
|
#7
|
Member
Registered: Aug 2007
Posts: 346
Original Poster
Rep:
|
Thanks. Did that, but still not in ... closer, but I will need to look a little further.
/var/log/secure when I try shows;
User www from [ip] not allowed because not listed in AllowUsers
yet, /etc/ssh/sshd_config has;
AllowUsers admin www. I created/added the same ket to the authorized_key's file for the admin user, and when I try from the remote server I get;
Accepted publickey for admin from [ip] port 43240 ssh2 and I get right in. SSH was restarted after adding www to the allowuser list, so as I said, going to need to dig a little more.
Thanks
|
|
|
All times are GMT -5. The time now is 02:07 PM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|