SFTP Configuration

  • Hello out there!



    I need help to configure the SFPT Plugin urgently! I am not a newbie, but I don’t get it to function properly. I can run FTPS via Filezilla but SFTP doesn’t work.



    Goal:
    All users must be jailed into their shared folder and no access to root.



    I have set up SFTP on other Linux by hand, but I want to do it via interface because I don’t know if I harm something doing it manually.



    I tried to get some info via forum and google. But I failed :S . There is always mentioned a Group “sftp-acces”, but there is no such group. Do I have to crate it myself?



    Regards

  • Hi,


    I also hade problems to connect to sftp. I just solved it!
    I don't know if you have the same problem but i changed rights for the root and sftp folder.


    chmod 0755 /
    chmod 0755 /sftp
    chmod 0755 /sftp/"your username"


    I hope it helps you.


    Best regards!

    • Offizieller Beitrag

    There is always mentioned a Group “sftp-acces”, but there is no such group. Do I have to crate it myself?

    The plugin creates it - https://github.com/OpenMediaVa…aster/debian/postinst#L42



    chmod 0755 /

    If the user is not in the sftp-access group, the user will not be jailed. You shouldn't have to change permissions on the folders ESPECIALLY the root / folder! I understand the permission you a specifying is correct but you shouldn't have to do it.

    omv 7.0.4-2 sandworm | 64 bit | 6.5 proxmox kernel

    plugins :: omvextrasorg 7.0 | kvm 7.0.10 | compose 7.1.2 | k8s 7.0-6 | cputemp 7.0 | mergerfs 7.0.3


    omv-extras.org plugins source code and issue tracker - github


    Please try ctrl-shift-R and read this before posting a question.

    Please put your OMV system details in your signature.
    Please don't PM for support... Too many PMs!

  • Thanks for your help. But we have a special setup and I try to explain.


    We have a server running OMV with two file servers keeping the shared folders. So, we have a folder structure like “/svr/file_server1/usershare” and like “/svr/file_server2/usershare” on the OMV server.


    In the “omv_sftp_config” the group access for sftp-access is “ChrootDirectory /sftp/%u” which is, I think, not correct. It should point to “/%disklabel/%usershare”.
    I would appreciate any help on that.


    Regards


    • Offizieller Beitrag

    In the “omv_sftp_config” the group access for sftp-access is “ChrootDirectory /sftp/%u” which is, I think, not correct. It should point to “/%disklabel/%usershare”.

    Nope. The plugin creates bind mounts to the shares that each user has access to in the /sftp/%u directory. I use this plugin and it works well.

    omv 7.0.4-2 sandworm | 64 bit | 6.5 proxmox kernel

    plugins :: omvextrasorg 7.0 | kvm 7.0.10 | compose 7.1.2 | k8s 7.0-6 | cputemp 7.0 | mergerfs 7.0.3


    omv-extras.org plugins source code and issue tracker - github


    Please try ctrl-shift-R and read this before posting a question.

    Please put your OMV system details in your signature.
    Please don't PM for support... Too many PMs!

  • Ahaa…


    Can I use standard SFTP from Debian instead? Because there I can jail each user into his shared folder.


    Do I have to deinstall the plugin first?
    Do I have to change something in the settings (config) of OMV?

    • Offizieller Beitrag

    Can I use standard SFTP from Debian instead? Because there I can jail each user into his shared folder.

    I don't know what standard "SFTP from Debian" is? And if you put the user in the sftp-access group, they will be jailed in their shared folder. Are you sure you are using the port for the second sftp server created by the plugin and not the default ssh port number specified in OMV's ssh plugin?

    omv 7.0.4-2 sandworm | 64 bit | 6.5 proxmox kernel

    plugins :: omvextrasorg 7.0 | kvm 7.0.10 | compose 7.1.2 | k8s 7.0-6 | cputemp 7.0 | mergerfs 7.0.3


    omv-extras.org plugins source code and issue tracker - github


    Please try ctrl-shift-R and read this before posting a question.

    Please put your OMV system details in your signature.
    Please don't PM for support... Too many PMs!

Jetzt mitmachen!

Sie haben noch kein Benutzerkonto auf unserer Seite? Registrieren Sie sich kostenlos und nehmen Sie an unserer Community teil!