sudo– such as a modifier key.
Incredibly useful piece of work, BTW. I hope it earns you the blessings it deserves.
sudo– such as a modifier key.
sudokeeps asking me for a password. I even attempted a reboot and it still does this. At this point I am assuming this to be a problem with Ubuntu I'd need to research more than anything, though if you have any suggestions feel free to say something.
username ALL=NOPASSWD: /usr/lib/openssh/sftp-server
sftp-serverbinary to another name e.g.
cd /root cp /usr/libexec/openssh/sftp-server admin1-sftp-server
chown admin1 admin1-sftp-server
/etc/passwdis 100 and 100 is "users" group in
chgrp users admin1-sftp-server
chmod 6550 admin1-sftp-server
/rootto which no one but root has access normally.)
sudoersfile (use visudo) to allow the new script to be run by user as root. e.g.
ralph ALL=NOPASSWD: /root/admin1-sftp-server billybob ALL=NOPASSWD: /root/admin1-sftp-server
sftp-servercopy you made instead of "Default". e.g.
/root/admin1-sftp-server) running as the user that owns this (admin1-)sftp-server instead of root. Any files created by this session will be owned by the user that owns (admin1-)sftp-server and grouped to the group of (admin1-)sftp-server.
sftp-serverfor some reason it won't automatically patch copies like admin1-sftp-server. If the reason for patching is a security concern it is important you repeat the process above after the patching to insure you have the same security fix in all copies.
Sorry, I'm possibly not patient enough to try to understand all details. Though my question was not why you doMy counter question is why would one want to allow sudo to root on WinSCP transfer? Hopefully anyone setting that up is restricting it to System Administrators.
sudo adminaccount. I was asking why you need to run
sftp-serveras non-root user to do that. So I do not see a point of your counter question.
sudo adminaccountfrom within WinSCP because it starts
sftp-serveron connection. I thought the point of the thread was that due to this you have to do the sudo setup using root.
suto adminaccount and then run
sftp-serverbut none of the syntax I tried seemed to work. It was at that point that I posted my question on LQ.
adminaccount-sftp-serverafter creating it as detailed) and came up with the workaround I posted on LQ and here.
sftp-serverand somehow connect to that running
sftp-serverwith WinSCP? If so I'd be interested in hearing how its done – I tried it and didn't get very far.
sftp-serveras root as they would then be able to use WinSCP to accidentally do all sorts of things such as deleting critical files.
sftp-serveras root. When I do it allows them to delete anything on the system via WinSCP instead of just deleting files owned by the specific adminaccount. That is to say the user the
sftp-serverthat is running has the power of the user that is running it and I don't want to grant them root power. My counter question was why would anyone want to grant root power to users other than System Administrators?
I keep getting this when I try that:I fought with this today and came up with the following solution:
Add a line to your sudoers file:
Then in the SFTP setup section of WinSCP edit the session SFTP server:username ALL=NOPASSWD: /usr/lib/openssh/sftp-server
Boom, root access to file system via WinSCP.sudo /usr/lib/openssh/sftp-server
I've checked the path towinscp sudo Cannot initialize SFTP protocol. Is the host running a SFTP server?
sshd_configand made sure it was the same in
sudoersand WinSCP. still no luck.
/etc/sudoersfile and comment out
You can post new topics in this forum