Skip to main content

Thread: openssh - sftp with filezilla, ChrootDirectory issue

-

hi,

have openssh installed , works great right out of box. however, don't want people accessing on machine.

machine behind nat , ufw firewall. have configured both port 22 open. i've added new users want have limited access , assigned them group "sambashare" (just because convenient.)

when bottom bit of config file "/etc/ssh/sshd_config" set shown below, works great:

#subsystem sftp /usr/lib/openssh/sftp-server
subsystem sftp internal-sftp

usepam yes

match group sambashare

# chrootdirectory /media/media/public
forcecommand internal-sftp
allowtcpforwarding no
whenever make change enable "chrootdirectory" limits users access, remove # , looks this:


#subsystem sftp /usr/lib/openssh/sftp-server
subsystem sftp internal-sftp

usepam yes

match group sambashare

chrootdirectory /media/media/public
forcecommand internal-sftp
allowtcpforwarding no
however, thats when start running problems. when try logging in filezilla; not able connect , response filezilla:

status: connecting ##.###.###.###...
response: fzsftp started
command: open "user@##.###.###.###" 22
command: trust new hostkey: once
command: pass: ********
error: not connect server
anyone know how , running?

what directory permissions on chroot'ed folder?


Forum The Ubuntu Forum Community Ubuntu Specialised Support Ubuntu Servers, Cloud and Juju Server Platforms [SOLVED] openssh - sftp with filezilla, ChrootDirectory issue


Ubuntu

Comments

Post a Comment

Popular posts from this blog

Error compiling for board Arduino/Genuino Uno.

-
hi new arduino , trying write code of temperature controlled fridge can adjust pot , temp in fridge changes lowest setting -15 , highest setting 30degrees. the temp drops below input pot im trying make compressor turn on , light show compressor on. new @ , im still not quite sure im doing. error below keeps popping , im not quite sure whats wrong code. im hoping on close path how should have done it, how fix error appreciated. arduino: 1.8.4 (windows 10), board: "arduino/genuino uno" c:\users\admin\appdata\local\temp\ccfcxdpc.ltrans0.ltrans.o:(.rodata+0x6): undefined reference `print::write(unsigned char const*, unsigned int)' c:/program files (x86)/arduino/hardware/tools/avr/bin/../lib/gcc/avr/4.9.2/../../../../avr/lib/avr5/crtatmega328p.o:(.init9+0x0): undefined reference `main' collect2.exe: error: ld returned 1 exit status exit status 1 error compiling board arduino/genuino uno. this report have more information with "show verbose output during comp
Read more

Installation database is corrupt

-
dear all,   last month installed trial version of cs3 on pc , when decided install extended version of cs3, it  didn't install.  learned adobe use wincs3clean script, downloaded , ran on computer, using level 1. after tried installing extended version of cs3 got message "installation database corrupt" , can't install cs3.  can me , let me know how solve problem? use windows, xp 2. appreciate help. charleshhh install what... disc or download   if download... rename original , download again... downloads corrupted More discussions in Photoshop Windows (read only) adobe
Read more

esp8266 (nodemcu 0.9) client.write très lent ???

-
Image
bonjour à tous, j'essaie d'établir une communication entre une carte nodemcu exp8266 et mon pc en wifi via les sockets wifi. cela fonctionne plutôt bien mais le problème vient de la lenteur des instructions liés à l'écriture : par exemple client.write(buf) qui s'exécute en 200ms et est donc bloquante. comment peut on faire pour réduire ce temps d'écriture car c'est vraiment handicapant. merci a+ antoconde vous êtes sous windows? si oui c'est sans doute dû aux delayed acks quote if make network trace network sniffer such microsoft network monitor, tcp server sends tcp ack segment last tcp segment in tcp data stream in delayed acknowledgement timer (also known delayed ack timer). default, windows operating systems, value timer 200 milliseconds (ms). faut éventuellement gérer l'agrégagtion d'ack dans votre code pc en contournant les infos systèmes. ça améliorera un peu les choses - mais le problème est côté pc pas esp (pa
Read more