Hi,
I configured openssh 5.1p1 for sftp server.
Here the specifications in sshd_config file:
Subsystem sftp internal-sftp
Match Group sftp
ForceCommand internal-sftp
ChrootDirectory /home/%u
AllowTcpForwarding no
When a user is logged in, he can't upload his document and he receives
this message:
carlo@Music:~$ sftp user@213.217.147.123
Connecting to 213.217.147.123...
user@213.217.147.123's password:
sftp> put prova
Uploading prova to /prova
Couldn't get handle: Permission denied
sftp>
Here the directory permissions:
[root@sftp-server ~]# ls -la /home/user/
total 24
drwxr-xr-x 6 root sftp 4096 Nov 10 18:05 .
drwxr-xr-x 54 root root 4096 Nov 10 16:48 ..
OK, my user is a sftp group member, and the sftp group hasn't
sufficient permissions to write in user's home directory.
I add the write permission for the sftp group:
[root@sftp-server ~]# chmod 770 /home/user/
[root@sftp-server ~]# ls -la /home/user/
total 24
drwxrwx--- 6 root sftp 4096 Nov 10 18:05 .
drwxr-xr-x 54 root root 4096 Nov 10 16:48 ..
But now the user can't access:
carlo@Music:~$ sftp user@213.217.145.321
Connecting to 213.217.147.123...
user@213.217.145.321's password:
Read from remote host 213.217.145.321: Connection reset by peer
Couldn't read packet: Connection reset by peer
Here the error message in /var/log/messages of sftp-server:
Nov 11 11:33:02 sftp-server sshd[10254]: Accepted password for user
from 213.217.145.329 port 38685 ssh2
Nov 11 11:33:02 sftp-server sshd[10256]: fatal: bad ownership or modes
for chroot directory "/home/user"
I get the same result if I change the ownership of user directory:
[root@sftp-server ~]# chown user.sftp /home/user/
[root@sftp-server ~]# ls -la /home/user/
total 24
drwxrwx--- 6 user sftp 4096 Nov 10 18:05 .
drwxr-xr-x 54 root root 4096 Nov 10 16:48 ..
carlo@Music:~$ sftp user@213.217.145.321
Connecting to 213.217.147.123...
user@213.217.145.321's password:
Read from remote host 213.217.145.321: Connection reset by peer
Couldn't read packet: Connection reset by peer
Nov 11 11:38:11 sftp-server sshd[10267]: Accepted password for user
from 213.217.145.329 port 39285 ssh2
Nov 11 11:38:11 sftp-server sshd[10269]: fatal: bad ownership or modes
for chroot directory "/home/user"
I get the same result if I change the ownership of user directory this way:
[root@sftp-server ~]# chown user.root /home/user/
What can I do in order to grant user access and allow write
permissions in his home directory?
Thanks
--
Carlo Pradissitto
Servizi e Supporto IT
I-WAY S.r.l.
Piazza Caduti di via Fani, 2
03100 Frosinone
Mobile: +393939318571
Tel/Fax: 07751880765
E-mail: c.pradissitto@i-way.it
--
Carlo Pradissitto
Servizi e Supporto IT
I-WAY S.r.l.
Piazza Caduti di via Fani, 2
03100 Frosinone
Mobile: +393939318571
Tel/Fax: 07751880765
E-mail: c.pradissitto@i-way.it
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
I configured openssh 5.1p1 for sftp server.
Here the specifications in sshd_config file:
Subsystem sftp internal-sftp
Match Group sftp
ForceCommand internal-sftp
ChrootDirectory /home/%u
AllowTcpForwarding no
When a user is logged in, he can't upload his document and he receives
this message:
carlo@Music:~$ sftp user@213.217.147.123
Connecting to 213.217.147.123...
user@213.217.147.123's password:
sftp> put prova
Uploading prova to /prova
Couldn't get handle: Permission denied
sftp>
Here the directory permissions:
[root@sftp-server ~]# ls -la /home/user/
total 24
drwxr-xr-x 6 root sftp 4096 Nov 10 18:05 .
drwxr-xr-x 54 root root 4096 Nov 10 16:48 ..
OK, my user is a sftp group member, and the sftp group hasn't
sufficient permissions to write in user's home directory.
I add the write permission for the sftp group:
[root@sftp-server ~]# chmod 770 /home/user/
[root@sftp-server ~]# ls -la /home/user/
total 24
drwxrwx--- 6 root sftp 4096 Nov 10 18:05 .
drwxr-xr-x 54 root root 4096 Nov 10 16:48 ..
But now the user can't access:
carlo@Music:~$ sftp user@213.217.145.321
Connecting to 213.217.147.123...
user@213.217.145.321's password:
Read from remote host 213.217.145.321: Connection reset by peer
Couldn't read packet: Connection reset by peer
Here the error message in /var/log/messages of sftp-server:
Nov 11 11:33:02 sftp-server sshd[10254]: Accepted password for user
from 213.217.145.329 port 38685 ssh2
Nov 11 11:33:02 sftp-server sshd[10256]: fatal: bad ownership or modes
for chroot directory "/home/user"
I get the same result if I change the ownership of user directory:
[root@sftp-server ~]# chown user.sftp /home/user/
[root@sftp-server ~]# ls -la /home/user/
total 24
drwxrwx--- 6 user sftp 4096 Nov 10 18:05 .
drwxr-xr-x 54 root root 4096 Nov 10 16:48 ..
carlo@Music:~$ sftp user@213.217.145.321
Connecting to 213.217.147.123...
user@213.217.145.321's password:
Read from remote host 213.217.145.321: Connection reset by peer
Couldn't read packet: Connection reset by peer
Nov 11 11:38:11 sftp-server sshd[10267]: Accepted password for user
from 213.217.145.329 port 39285 ssh2
Nov 11 11:38:11 sftp-server sshd[10269]: fatal: bad ownership or modes
for chroot directory "/home/user"
I get the same result if I change the ownership of user directory this way:
[root@sftp-server ~]# chown user.root /home/user/
What can I do in order to grant user access and allow write
permissions in his home directory?
Thanks
--
Carlo Pradissitto
Servizi e Supporto IT
I-WAY S.r.l.
Piazza Caduti di via Fani, 2
03100 Frosinone
Mobile: +393939318571
Tel/Fax: 07751880765
E-mail: c.pradissitto@i-way.it
--
Carlo Pradissitto
Servizi e Supporto IT
I-WAY S.r.l.
Piazza Caduti di via Fani, 2
03100 Frosinone
Mobile: +393939318571
Tel/Fax: 07751880765
E-mail: c.pradissitto@i-way.it
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev