• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion

sFTP/SCP

S

swardell

Guest
Is it currently possible to config 8.1 (for Linux) to use sFTP or SCP and when will be it a standard feature?
 
By SFTP I assume you mean FTP over SSH?

If so it works now, here's how.

Turn on for your domain user:
/bin/bash (chrooted)

Now your domain admin can connect via SFTP.

You then can go further and block port 21 on the firewall, therefore forcing them to use SFTP.

Cheers,

David
 
but that requires enabling and allowing the users shell access which I dont want to do, any other way?

and, of course, an fully integrated method in the panel would be nice
 
Nope :(

But what is the difference? the ftp user id / password they can delete a hell of a lot of stuff. Also the shell its chrooted anyway.
 
There's definitely a difference. Chrooted shells can be broken through various exploits, scp is a better option IMHO.

We've installed SCPOnly, works well. We just manually added the SCPOnly option to one of the tables in the PSA database to get it to show up in the Plesk interface.

http://sublimation.org/scponly

~Matt
 
Sftp-server

You can add:

/usr/libexec/openssh/sftp-server


To /etc/shells

And then select this in the account as their shell. This will give them access to only sftp with not additional software required.
 
Originally posted by matt.simpson
There's definitely a difference. Chrooted shells can be broken through various exploits, scp is a better option IMHO.

We've installed SCPOnly, works well. We just manually added the SCPOnly option to one of the tables in the PSA database to get it to show up in the Plesk interface.

http://sublimation.org/scponly

~Matt
Click to expand...
Hello Matt,

could you please elaborate on this some more?

"We just manually added the SCPOnly option to one of the tables in the PSA database"

Which table do you mean and how did you do this? I'd also like to make file transfers to our server a bit more secure than with plain FTP (which is really insecure). I would like to get SCP working, but need to know a bit more. Hope you can help and TIA.

Scott
 
Re: Sftp-server

Originally posted by huck
You can add:

/usr/libexec/openssh/sftp-server


To /etc/shells

And then select this in the account as their shell. This will give them access to only sftp with not additional software required.
Click to expand...

So huck if I simply edit /etc/shells and add /usr/libexec/openssh/sftp-server

And select that for the users shell access thats all?

Cheers,
David
 
Re: Sftp-server

Originally posted by huck
You can add:

/usr/libexec/openssh/sftp-server


To /etc/shells

And then select this in the account as their shell. This will give them access to only sftp with not additional software required.
Click to expand...

WARNING

This works, BUT the user is not chrooted, so they can traverse the entire filesystem!
 
You must log in or register to reply here.

Similar threads

M
Issue SFTP Issues in Lightsail when connected
Replies
0
Views
58
munchlaxmatt
M
J
Question Is it possible to use SFTP instead of FTP(S) to upload websites / webapps (because it has a better performance!)
Replies
6
Views
338
jmar83
J
L
Question Plesk backup over SFTP consumes the bandwidth of the network Interface.
Replies
5
Views
514
linuxman1
L
D
Question Download Mail Logs
Replies
0
Views
653
dennis_81
D
I
Issue ftp a sftp
Replies
4
Views
861
Inma
I
Back
Top