"Use sudo on Login" issue. Unable to restrict to only sftp-server

Advertisement

rmccullough
Joined:
Posts:
2

"Use sudo on Login" issue. Unable to restrict to only sftp-server

Server info:
Ubuntu 20.04
SSH is configured to only accept passwordless login using a Private Key.
Only the my non-root user is allowed to connect via SSH.

Followed this: https://winscp.net/eng/docs/faq_su

Added sudo su -c /usr/lib/openssh/sftp-server to the SFTP server field in the Advanced Site Settings. Screenshot below.

When I add [username] ALL=NOPASSWD: ALL to sudoers, WinSCP can connect just fine. Running sudo su -c /usr/lib/openssh/sftp-server via PuTTY session prompts for pw.

However, when I replace the above with [username] ALL=NOPASSWD: /usr/lib/openssh/sftp-server it will fail to connect. Screenshot below. Running sudo su -c /usr/lib/openssh/sftp-server via PuTTY session does not prompt for a password and starts the service.

2021-01-07 12_04_35-Window.png

2021-01-07 12_03_15-Window.png

2021-01-07 12_09_04-Window.png

Reply with quote

Advertisement

martin
Site Admin
martin avatar
Joined:
Posts:
36,472
Location:
Prague, Czechia

Re: "Use sudo on Login" issue. Unable to restrict to only sftp-server

I'm no expert in sudo, but when you do sudo su -c something, isn't the command that you add to sudoers the su -c something and not just something? I understand that you claim that it works on command-line – can you double check that?

Also, why sudo su -c /usr/lib/openssh/sftp-server and not just sudo /usr/lib/openssh/sftp-server?

Reply with quote

rmccullough
Joined:
Posts:
2

I know very little about Linux... I've gotten to this through a lot of Google-fu.

Also, why sudo su -c /usr/lib/openssh/sftp-server and not just sudo /usr/lib/openssh/sftp-server?
Good question... I just modified the entry from the dropdown menu with the actual path to the sftp-server. I just changed it to sudo /usr/lib/openssh/sftp-server and it's now working fine.

2021-01-08 09_47_58-Window.png

Reply with quote

Advertisement

You can post new topics in this forum