• Introducing WebPros Cloud - a fully managed infrastructure platform purpose-built to simplify the deployment of WebPros products !  WebPros Cloud enables you to easily deliver WebPros solutions — without the complexity of managing the infrastructure.
    Join the pilot program today!
  • Support for BIND DNS has been removed from Plesk for Windows due to security and maintenance risks.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS.

sFTP/SCP

S

swardell

Guest
Is it currently possible to config 8.1 (for Linux) to use sFTP or SCP and when will be it a standard feature?
 
By SFTP I assume you mean FTP over SSH?

If so it works now, here's how.

Turn on for your domain user:
/bin/bash (chrooted)

Now your domain admin can connect via SFTP.

You then can go further and block port 21 on the firewall, therefore forcing them to use SFTP.

Cheers,

David
 
but that requires enabling and allowing the users shell access which I dont want to do, any other way?

and, of course, an fully integrated method in the panel would be nice
 
Nope :(

But what is the difference? the ftp user id / password they can delete a hell of a lot of stuff. Also the shell its chrooted anyway.
 
There's definitely a difference. Chrooted shells can be broken through various exploits, scp is a better option IMHO.

We've installed SCPOnly, works well. We just manually added the SCPOnly option to one of the tables in the PSA database to get it to show up in the Plesk interface.

http://sublimation.org/scponly

~Matt
 
Sftp-server

You can add:

/usr/libexec/openssh/sftp-server


To /etc/shells

And then select this in the account as their shell. This will give them access to only sftp with not additional software required.
 
Originally posted by matt.simpson
There's definitely a difference. Chrooted shells can be broken through various exploits, scp is a better option IMHO.

We've installed SCPOnly, works well. We just manually added the SCPOnly option to one of the tables in the PSA database to get it to show up in the Plesk interface.

http://sublimation.org/scponly

~Matt
Click to expand...
Hello Matt,

could you please elaborate on this some more?

"We just manually added the SCPOnly option to one of the tables in the PSA database"

Which table do you mean and how did you do this? I'd also like to make file transfers to our server a bit more secure than with plain FTP (which is really insecure). I would like to get SCP working, but need to know a bit more. Hope you can help and TIA.

Scott
 
Re: Sftp-server

Originally posted by huck
You can add:

/usr/libexec/openssh/sftp-server


To /etc/shells

And then select this in the account as their shell. This will give them access to only sftp with not additional software required.
Click to expand...

So huck if I simply edit /etc/shells and add /usr/libexec/openssh/sftp-server

And select that for the users shell access thats all?

Cheers,
David
 
Re: Sftp-server

Originally posted by huck
You can add:

/usr/libexec/openssh/sftp-server


To /etc/shells

And then select this in the account as their shell. This will give them access to only sftp with not additional software required.
Click to expand...

WARNING

This works, BUT the user is not chrooted, so they can traverse the entire filesystem!
 
You must log in or register to reply here.

Similar threads

T
Question Restrict the access to Home Directory via SFTP
Replies
6
Views
1K
Thomas Oryon
T
D
Question sftp
Replies
2
Views
1K
Maarten
M
R
Resolved Remote FTP
Replies
5
Views
1K
zvangi
Z
S
Question How to use SFTP
Replies
6
Views
1K
WebHostingAce
WebHostingAce
M
Issue SFTP Issues in Lightsail when connected
Replies
0
Views
760
munchlaxmatt
M
Back
Top