Differences

This shows you the differences between the selected revisions of the page.

2018-12-19 2021-08-23
Restored revision 1541771937. Undoing revision 1545161324. (martin) (hidden) formatting for readability (martin)
Line 14: Line 14:
The [[scp|SFTP]] and [[scp|SCP]] protocols allow for this, but the actual method is platform dependent. The [[scp|SFTP]] and [[scp|SCP]] protocols allow for this, but the actual method is platform dependent.
-With SFTP protocol, you can use //[[ui_login_sftp#protocol_options|SFTP server]]// option on //SFTP page// of Advanced Site Settings dialog to execute SFTP binary under a different user. With OpenSSH server, you can specify:+  * With SFTP protocol, you can use //[[ui_login_sftp#protocol_options|SFTP server]]// option on //SFTP page// of Advanced Site Settings dialog to execute SFTP binary under a different user. With OpenSSH server, you can specify: \\ <code> 
 +sudo /bin/sftp-server 
 +</code> Note that SFTP server binary may be located elsewhere((You can see path to SFTP binary in ''Subsystem sftp'' clause in ''/etc/ssh/sshd_config'', unless keyword ''internal-sftp'' is used instead of a path.)) (e.g. in ''/usr/lib/sftp-server'', ''/usr/lib/openssh/sftp-server'' or ''/usr/libexec/openssh/sftp-server'').
-  sudo /bin/sftp-server +  * With SCP protocol, you can specify the following command as custom shell on the //[[ui_login_scp#shell|SCP/Shell page]]// of Advanced Site Settings dialog: \\ <code> 
- +sudo -s 
-Note that SFTP server binary may be located elsewhere((You can see path to SFTP binary in ''Subsystem sftp'' clause in ''/etc/ssh/sshd_config'', unless keyword ''internal-sftp'' is used instead of a path.)) (e.g. in ''/usr/lib/sftp-server'', ''/usr/lib/openssh/sftp-server'' or ''/usr/libexec/openssh/sftp-server''). +</code>
- +
-With SCP protocol, you can specify following command as custom shell on the //[[ui_login_scp#shell|SCP/Shell page]]// of Advanced Site Settings dialog: +
- +
-··sudo -s+
However you will not be able to provide a password for ''su'' (see [[remote_command#limitations|remote command execution limitations]]). So you may be able to do the above only if you are allowed to do ''sudo su'' without being prompted with password. See ''[[&man_ref(8,sudo)|sudo]]'' documentation to learn how to do that. For example you can add following line to ''[[&man_ref(5,sudoers)|sudoers]]'' file (''/etc/sudoers''): However you will not be able to provide a password for ''su'' (see [[remote_command#limitations|remote command execution limitations]]). So you may be able to do the above only if you are allowed to do ''sudo su'' without being prompted with password. See ''[[&man_ref(8,sudo)|sudo]]'' documentation to learn how to do that. For example you can add following line to ''[[&man_ref(5,sudoers)|sudoers]]'' file (''/etc/sudoers''):

Last modified: by martin