Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: umask for internal-sftp users ?
Top Forums UNIX for Dummies Questions & Answers umask for internal-sftp users ? Post 302479166 by vilius on Friday 10th of December 2010 02:50:37 AM
Old 12-10-2010
umask for internal-sftp users ?
Hello,

Running Debian 5.
SSH version 5.1p1-5.

How do I set umask for sftp only users ?

Users are jailed - that means they use internal-sftp:
Code:
# cat /etc/ssh/sshd_config
..........
Match group group1
        ChrootDirectory /home/%u
        X11Forwarding no
        AllowTcpForwarding no
        ForceCommand internal-sftp
..........


thanks
Vilius
 

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

SFTP plugin for Windows Users?

I've had the hardest time getting my Windows users (technically proficient users who grew up with VAX.VMS systems) to abandon FTP and TELNET for SSH and SFTP/SCP. It's getting to the point where I'm getting seriously angry at them for being "stupid". With that little bit of complaint aside after... (1 Reply)
Discussion started by: deckard
1 Replies

2. UNIX Desktop Questions & Answers

Sftp Umask

Hi All, in my HP-UX 11.11 , there is an parameter of SFTP_UMASK at env, but How do we use it ? I tried with type : SFTP_UMASK=022 and when I type : env the SFTP_UMASK value has changed to 022 . but when I send a file with use SFTP from other pc/server . It still umask 077 (chmod... (4 Replies)
Discussion started by: mdjuarsa
4 Replies

3. UNIX for Advanced & Expert Users

Forwarding internal internet packets to internal webserver using iptables

Hi, I need to redirect internal internet requests to a auth client site siting on the gateway. Currently users that are authenticated to access the internet have there mac address listed in the FORWARD chain. All other users need to be redirected to a internal site for authentication. Can... (1 Reply)
Discussion started by: mshindo
1 Replies

4. HP-UX

Limiting SFTP Users While Not Limiting Regular Users?

Hi, I have searched the web and have come back with nothing that is satisfactory for what I require. SFTP is my corporations new file transfer standard. What I require is a method to lock down SFTP users to their directory (they may go to sub directories) while not restricting regular users. ... (2 Replies)
Discussion started by: Emancipator
2 Replies

5. Linux

users can't sftp into my server

I am running a fedora core 13 server and I am having trouble with sftp. My users can connect to the server using SSH both using public key and password authentication. For some reason they are not able to connect using sftp. I'l not sure what's going on. I ran sshd in debug mode and here's... (6 Replies)
Discussion started by: emildiego
6 Replies

6. Red Hat

Restricting multiple users to run only sftp server

Hello, can someone please provide steps, can I restrict a multiple users to only access only sftp on a server, to perform upload and download of files on their home directories. 1. I have updated their login shell as /sbin/nologin. anything else do I need to update. Thanks, (3 Replies)
Discussion started by: bobby320
3 Replies

7. Shell Programming and Scripting

Help to compare umask of different users.

hi i am trying to compare the usmask of an user.i m getting an error while doing the comaparison.The code i am using is val=`su - user -c "umask" | tail -2 | sed -n "//p"` if then echo "477 found." fi When i execute this i am getiin an error like: sh: ^ I've... (3 Replies)
Discussion started by: chacko193
3 Replies

8. Red Hat

Chroot sftp users, remote sftp login shows wrong timestamp on files

Hello, I have a weird issue, I have RHEL 5.7 running with openssh5.2 where sftpgroup OS group is chroot. I see the difference difference in timestamp on files, when I login via ssh and SFTP, I see four hour difference, is something missing in my configuration. #pwd... (8 Replies)
Discussion started by: bobby320
8 Replies

9. Shell Programming and Scripting

lftp script to connect to external sftp site and download to internal ftp and then send email

Hi there, I'm new to shell scripting and need some help if possible? I need to create a shell script (.sh) to run as a cron job on an ubuntu linux server to connect to an external sftp sites directory using credentials (which I have) and then download to our internal ftp server and then copy... (3 Replies)
Discussion started by: ghath
3 Replies

10. IP Networking

SFTP connection using two different users

Hi All This is regarding an SFTP Password less connection. I am logged into my local Server1 using username1. The remote server i have to connect is "Remoteserver1" with the "useriD" provided. I have already exchanged the public key and they are added to the authorized keys in the remote... (2 Replies)
Discussion started by: sparks
2 Replies

LEARN ABOUT OSX

sftp-server

SFTP-SERVER(8)						    BSD System Manager's Manual 					    SFTP-SERVER(8)

NAME

     sftp-server -- SFTP server subsystem

SYNOPSIS

     sftp-server [-ehR] [-d start_directory] [-f log_facility] [-l log_level] [-u umask]

DESCRIPTION

     sftp-server is a program that speaks the server side of SFTP protocol to stdout and expects client requests from stdin.  sftp-server is not
     intended to be called directly, but from sshd(8) using the Subsystem option.

     Command-line flags to sftp-server should be specified in the Subsystem declaration.  See sshd_config(5) for more information.

     Valid options are:

     -d start_directory
	     specifies an alternate starting directory for users.  The pathname may contain the following tokens that are expanded at runtime: %%
	     is replaced by a literal '%', %h is replaced by the home directory of the user being authenticated, and %u is replaced by the user-
	     name of that user.  The default is to use the user's home directory.  This option is useful in conjunction with the sshd_config(5)
	     ChrootDirectory option.

     -e      Causes sftp-server to print logging information to stderr instead of syslog for debugging.

     -f log_facility
	     Specifies the facility code that is used when logging messages from sftp-server.  The possible values are: DAEMON, USER, AUTH,
	     LOCAL0, LOCAL1, LOCAL2, LOCAL3, LOCAL4, LOCAL5, LOCAL6, LOCAL7.  The default is AUTH.

     -h      Displays sftp-server usage information.

     -l log_level
	     Specifies which messages will be logged by sftp-server.  The possible values are: QUIET, FATAL, ERROR, INFO, VERBOSE, DEBUG, DEBUG1,
	     DEBUG2, and DEBUG3.  INFO and VERBOSE log transactions that sftp-server performs on behalf of the client.	DEBUG and DEBUG1 are
	     equivalent.  DEBUG2 and DEBUG3 each specify higher levels of debugging output.  The default is ERROR.

     -R      Places this instance of sftp-server into a read-only mode.  Attempts to open files for writing, as well as other operations that
	     change the state of the filesystem, will be denied.

     -u umask
	     Sets an explicit umask(2) to be applied to newly-created files and directories, instead of the user's default mask.

     For logging to work, sftp-server must be able to access /dev/log.	Use of sftp-server in a chroot configuration therefore requires that
     syslogd(8) establish a logging socket inside the chroot directory.

SEE ALSO

     sftp(1), ssh(1), sshd_config(5), sshd(8)

     T. Ylonen and S. Lehtinen, SSH File Transfer Protocol, draft-ietf-secsh-filexfer-00.txt, January 2001, work in progress material.

HISTORY

     sftp-server first appeared in OpenBSD 2.8.

AUTHORS

     Markus Friedl <markus@openbsd.org>

BSD
								  January 4, 2013							       BSD
All times are GMT -4. The time now is 04:09 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy