Author Topic: ssh sftp ftp  (Read 4636 times)

0 Members and 1 Guest are viewing this topic.

Offline
*
ssh sftp ftp
« on: October 27, 2020, 07:41:24 PM »
with ftp it wont go into a directory
tried to set it to have ssh and sftp and it wont connect
i dont know what is wrong with my system
centos 7

Re: ssh sftp ftp
« Reply #1 on: October 27, 2020, 09:16:42 PM »
You will need to explain MUCH better about what you are trying to do.

Offline
*
Re: ssh sftp ftp
« Reply #2 on: October 27, 2020, 11:56:38 PM »
the system is new
when i log in as sftp it says only ftp so i log in ftp and it wont log me into a directory it says cant go into "/" root so i ask it to log into /home/username and it wont take me there also

so i set it in cwp to let the user full ssh and it wont log into sftp still i cant even log in with putty and it still says ftp but it wont log me into user directory

Re: ssh sftp ftp
« Reply #3 on: October 28, 2020, 12:24:18 AM »
You/this sounds very confusing. I'll leave it to someone else to teach the differences between ssh, ftp & sftp and firewall changes to allow sftp.

Offline
*
Re: ssh sftp ftp
« Reply #4 on: October 28, 2020, 12:30:36 AM »
yah thanks ok i sound confusing
this is confusing
i cant log into ssh with root neither or i would change it myself
it is ran by cwp
asking help not stupid criticism

Re: ssh sftp ftp
« Reply #5 on: October 28, 2020, 12:36:21 AM »
http://wiki.centos-webpanel.com/category/ftp
Allowing root to FTP/sFTP is not a good idea!
Putty/SSH has no interaction with FTP/SFTP.
Is is seen as bad practice to SSH into your server as root but I do it ONLY with key authentication - passwords not allowed.

This is basic security for administering a server. Do anything different and you are just asking to be hacked.
« Last Edit: October 28, 2020, 12:41:27 AM by cynique »

Offline
*
Re: ssh sftp ftp
« Reply #6 on: October 28, 2020, 02:01:29 PM »
i know all that
cwp has made it so i cant even log into with ftp
i will put a ticket in and maybe i can get an answer

Re: ssh sftp ftp
« Reply #7 on: October 28, 2020, 02:35:31 PM »
No problems here..
Quote
ftp webpxxxx.com
Connected to webpxxxx.com.
220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
220-You are user number 1 of 50 allowed.
220-Local time is now 10:31. Server port: 21.
220-IPv6 connections are also welcome on this server.
220 You will be disconnected after 15 minutes of inactivity.
Name (webpxxxx.com:user): webp
331 User webp OK. Password required
Password:
230 OK. Current restricted directory is /
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> ls
200 PORT command successful
150 Connecting to port 35601
drwx--x--x    8 webp       webp             4096 Oct 28 00:16 .
drwx--x--x    8 webp       webp             4096 Oct 28 00:16 ..
-rw-r--r--    1 webp       webp               18 Mar 31  2020 .bash_logout
-rw-r--r--    1 webp       webp              193 Mar 31  2020 .bash_profile
-rw-r--r--    1 webp       webp              231 Mar 31  2020 .bashrc
drwxr-xr-x    3 webp       webp             4096 Oct 28 10:29 .conf
drwxr-----    3 webp       webp             4096 Oct  4 07:06 .pki
drwxr-xr-x    2 webp       webp             4096 Oct 22 06:59 .trash
drwxr-xr-x    2 webp       webp             4096 Oct  4 07:06 backupcwp
drwxr-x---   27 webp       99               4096 Oct 22 18:36 public_html
drwxr-xr-x    3 webp       webp             4096 Oct  4 07:06 tmp
226-Options: -a -l
226 11 matches total
ftp> cd backupcwp
250 OK. Current directory is /backupcwp
ftp> ls
200 PORT command successful
150 Connecting to port 57519
drwxr-xr-x    2 webp       webp             4096 Oct  4 07:06 .
drwx--x--x    8 webp       webp             4096 Oct 28 00:16 ..
226-Options: -a -l
226 2 matches total
ftp> bye

This correctly fails because I haven't established ssh keys for the user:
Quote
sftp -P 1234 webpxxxx.com
The authenticity of host '[webpxxxx.com]:1234 ([23.94.xxx.xxx]:1234)' can't be established.
ECDSA key fingerprint is SHA256:QbcuynzrmUcrPjYNcod2xxxxxf6i+hXEwaoD/4xxxxx.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added '[webpxxxx.com]:1234' (ECDSA) to the list of known hosts.
user@webpxxxx.com: Permission denied (publickey,gssapi-keyex,gssapi-with-mic).
Connection closed

With user public key added to authorized_keys and webp given an sFTP shell access..
Quote
sftp -P 1234 webp@webpxxx.com
Connected to webpxxxx.com.
sftp> ls -la
drwx--x--x    9 webp     webp         4096 Oct 28 10:44 .
drwx--x--x    8 root     root         4096 Oct 28 01:12 ..
-rw-r--r--    1 webp     webp           18 Mar 31  2020 .bash_logout
-rw-r--r--    1 webp     webp          193 Mar 31  2020 .bash_profile
-rw-r--r--    1 webp     webp          231 Mar 31  2020 .bashrc
drwxr-xr-x    3 webp     webp         4096 Oct 28 10:29 .conf
drwxr-----    3 webp     webp         4096 Oct  4 07:06 .pki
drwxr-xr-x    2 webp     webp         4096 Oct 28 10:45 .ssh
drwxr-xr-x    2 webp     webp         4096 Oct 22 06:59 .trash
drwxr-xr-x    2 webp     webp         4096 Oct  4 07:06 backupcwp
drwxr-x---   27 webp     nobody       4096 Oct 22 18:36 public_html
drwxr-xr-x    3 webp     webp         4096 Oct  4 07:06 tmp
sftp> pwd
Remote working directory: /home/webp
sftp> cd .ssh
sftp> ls -l
-rw-r--r--    1 webp     webp          402 Oct 28 10:46 authorized_keys
sftp> bye
Works perfectly. Re-read documentation.
« Last Edit: October 28, 2020, 02:54:22 PM by cynique »