• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion

Enable FTP and SFTP? Or edit default domain to allow SFTP?

M

Matt Grant

Regular Pleskian
I have a client with 31 domains on my server and I want when he creates a domain for it to be set to /usr/libexec/openssh/sftp-server instead of forbidden. I have changed every setting I can find to allow them to do it via control panel, but it always shows up as Forbidden and cannot be changed by the client's login account. I can edit the domain 's "Shell access to server with FTP user's credentials" as Admin. I created a template called Domain Template 2, but cannot seem to find a way to make the new domains he creates use that template. The drop down only shows Default Domain.

Does any of this make sense? Can I just enable FTP and not use SFTP or use both?

He is not going to be happy if he has to call me every time he creates a new domain to allow SFTP access.

Thanks in advance!!!
 
You can add /usr/libexec/openssh/sftp-server to /etc/shells to be able to give clients SFTP-only access, but if you want them to have FTP that is already built in and doesnt need anything other than setting up the user and a password on creating a hosted domain.
 
Thank you for your reply...

I already have "/usr/libexec/openssh/sftp-server" added to the /etc/shells file. SFTP works just fine when I create the domain through my admin login. The issue I am having is with Client login accounts. I created a client account and checked the box for the user to be able to allow shell access. But when the client logs in and creates a domain, it only shows Forbidden as seen in the screenshot below:

test2.jpg


I created a Domain Template called "Default Domain 2" and set the shell access to default to /usr/libexec/openssh/sftp-server, but when I login as the client and create a new domain, it does not give me the option to use the "Default Domain 2" template on the drop down. It only shows Default Domain template as a choice.

Currently the client has to create the domain and then call me to get me to allows SFTP/Shell access via the admin login. Per your last reply, I cannot find any way to allow FTP access. I can only see a way to allow SFTP access. I have alot of clients that do not know what SFTP is and I have to explain to them almost every time. Is there a way to allow FTP access and SFTP access? If FTP access was allowed, then I would not have to allow shell access/SFTP and the above issue would be moot.

Thanks in advance, I look forward to your knowledge on this issue...
 
HI,

From your screen shot if the user sets both a username and a password and saves, then it automatically enables FTP for the domain, even though it says disabled - the shell access is typically for SSH, something that I would recomend that you dont give clients access to.

You shouldnt need to do anything to have ftp enabled or work, the client just creates their domain, sets a username and a password and then its allowed from that point on with out you having to do anything.

Please let me know if I misunderstood what you are looking for.
 
When I or my client adds a domain and creates the username/password and them saves everything and then try to use just standard FTP via Filezilla, this is what happens

ftperror.jpg


But as soon as I change the port to 22, it works.

SFTP.jpg


It is almost like FTP is completely disabled on the server. I have checked the server's firewall and the 1&1 firewall and port 21 is open on both. I have combed through every server setting and googled for days looking for a way to enable FTP and I cannot find an answer.

You are my only hope... :)
 
what happens if you try and establish an FTP session from the local machine through SSH? Does it accept the connection?
Can you try and turn off all the firewalls and see if that changes anything?
Can you make sure that the xinetd service is running?
 
That is really weird, I can FTP via command line. I am going to add port 21 to the Plesk firewall, even though the default "FTP Server" is already allowed.

pleskfirewall.jpg


Here is my 1&1 firewall settings.

1n1firewall.jpg
 
I would recomend to ditch both of them and use something like APF instead. You also probably only need one firewall, they could have rules that conflict with each other.

Before messing arround with the rules though try turning them both off and flush and stop iptables and see if you can connect remotely - if you can then you know it is a firewall problem. Then turn on one, and try again, if no problem turn that one off and try the other one and repeat until you find the culprit.
 
Ok, I fixed it. It was either the 1&1 firewall (I changed the remote port for 21 from 21 to Any) and I added a rule for port 21 in the Plesk firewall.

Thank you for your guidance...
 
You must log in or register to reply here.

Similar threads

M
Resolved Additional FTP account shutting right down after opening (via FTP client)
2
Replies
21
Views
3K
trialotto
T
CobraArbok
Question What kind of script for FTP and where to save the file.
Replies
0
Views
393
CobraArbok
CobraArbok
UHF
Resolved SFTP Connection Issue
Replies
2
Views
2K
UHF
UHF
F
Issue I messed up, can't access ssh/sftp
Replies
2
Views
831
filipetakanap
F
serreri
Question Overuse is not allowed - it does not suspend the domain and does not redirect to 503
Replies
2
Views
270
serreri
serreri
Back
Top