Is SFTP supported by VestaCP by default?
-
baijianpeng
- Posts: 301
- Joined: Tue Dec 22, 2015 2:06 pm
Is SFTP supported by VestaCP by default?
When I use FileZilla to connect via FTP to my VestaCP server, I noticed that there is also a "SFTP" option in FileZilla's "site manager".
Well, after some googling, I know that SFTP is safer than FTP.
Then, how can I use SFTP to connect to my server? Is it supported by VestaCP by default? Or do I need some special settings?
Do I need to buy the "SFTP Chroot" plugin from VestaCP team to enable SFTP? If I don't care which folder the SFTP will login in( I am the only user on this VPS), do I still need to buy that plugin to enjoy SFTP?
Thank you.
Well, after some googling, I know that SFTP is safer than FTP.
Then, how can I use SFTP to connect to my server? Is it supported by VestaCP by default? Or do I need some special settings?
Do I need to buy the "SFTP Chroot" plugin from VestaCP team to enable SFTP? If I don't care which folder the SFTP will login in( I am the only user on this VPS), do I still need to buy that plugin to enjoy SFTP?
Thank you.
Re: Is SFTP supported by VestaCP by default?
SFTP es supported by default in default user vesta ( admin ) and any new vesta user
But not in aditional FTP accounts
But not in aditional FTP accounts
-
baijianpeng
- Posts: 301
- Joined: Tue Dec 22, 2015 2:06 pm
Re: Is SFTP supported by VestaCP by default?
Thank you skamasle. Do I need to enable or set something else?
Or it is so simple: just use the VestaCP default "admin" user and his password to fill in the corresponding fields in FileZilla?
Thank you.
Or it is so simple: just use the VestaCP default "admin" user and his password to fill in the corresponding fields in FileZilla?
Thank you.
-
baijianpeng
- Posts: 301
- Joined: Tue Dec 22, 2015 2:06 pm
Re: Is SFTP supported by VestaCP by default?
Ok, I did a test:
When I use the default user "admin" which was created AUTOMATICALLY by VestaCP during its insllation, I just fill in this username and his password (which was also generated by VestaCP automatically) into Fizilla and choose "SFTP". Then I successfully connected to my sever !
However, in next test, I used another user, which was created by me on VestaCP GUI panel, to connect via SFTP, but failed.
Filezilla returned following error message:
Thank you.
When I use the default user "admin" which was created AUTOMATICALLY by VestaCP during its insllation, I just fill in this username and his password (which was also generated by VestaCP automatically) into Fizilla and choose "SFTP". Then I successfully connected to my sever !
However, in next test, I used another user, which was created by me on VestaCP GUI panel, to connect via SFTP, but failed.
Filezilla returned following error message:
Why a new user in VestaCP can not use SFTP?Received unexpected end-of-file from SFTP server
Thank you.
Re: Is SFTP supported by VestaCP by default?
Turn on bash as shell for that user.
I not remember but I think shell is disabled by default
I not remember but I think shell is disabled by default
-
baijianpeng
- Posts: 301
- Joined: Tue Dec 22, 2015 2:06 pm
Re: Is SFTP supported by VestaCP by default?
hi skamasle, you solved this problem, thank you!
You know, I am almost a layman of Linux, so I searched and found how to change the shell for that user. I will post the process here to help other newbie users:
1. First, check the new user created by VestaCP if he has shell permission:
From the result, we can see that the new user (I use "NAEWUSERNAME" to replace the real username) has no shell permission (nologin). This is why he can not login to server via SFTP.
The second line of the result is for the "additional FTP account" (username: NAEWUSERNAME_ftp), we don't need to grant this account a shell.
2. Grant the bash as a shell for this user:
This command will allow the user "NAEWUSERNAME" to use /bin/bash as his shell.
3. Check again if this user has got a shell permission:
Well, you can see that the result changed: now it is not "nologin", but "/bin/bash" in the first line.
Then I tested in Filezilla, wow, now "NAEWUSERNAME" can connect to server via SFTP instantly!
Thank you @skamasle!
You know, I am almost a layman of Linux, so I searched and found how to change the shell for that user. I will post the process here to help other newbie users:
1. First, check the new user created by VestaCP if he has shell permission:
Code: Select all
root@mail:~# grep NAEWUSERNAME /etc/passwd
NAEWUSERNAME:x:1001:1001:[email protected]:/home/NAEWUSERNAME:/usr/sbin/nologin
NAEWUSERNAME_ftp:x:1001:1001::/home/NAEWUSERNAME/web/joomlagate.com:/sbin/nologinThe second line of the result is for the "additional FTP account" (username: NAEWUSERNAME_ftp), we don't need to grant this account a shell.
2. Grant the bash as a shell for this user:
Code: Select all
root@mail:~# usermod -s /bin/bash NAEWUSERNAME3. Check again if this user has got a shell permission:
Code: Select all
root@mail:~# grep NAEWUSERNAME /etc/passwd
NAEWUSERNAME:x:1001:1001:[email protected]:/home/NAEWUSERNAME:/bin/bash
NAEWUSERNAME_ftp:x:1001:1001::/home/NAEWUSERNAME/web/joomlagate.com:/sbin/nologinThen I tested in Filezilla, wow, now "NAEWUSERNAME" can connect to server via SFTP instantly!
Thank you @skamasle!
Re: Is SFTP supported by VestaCP by default?
You can change shell form vesta gui
-
baijianpeng
- Posts: 301
- Joined: Tue Dec 22, 2015 2:06 pm
Re: Is SFTP supported by VestaCP by default?
Oh, yeah, I did not notice that. Your solution is better !
Thank you.
Thank you.
Re: Is SFTP supported by VestaCP by default?
Hi baijianpeng!baijianpeng wrote:Ok, I did a test:
When I use the default user "admin" which was created AUTOMATICALLY by VestaCP during its insllation, I just fill in this username and his password (which was also generated by VestaCP automatically) into Fizilla and choose "SFTP". Then I successfully connected to my sever !
However, in next test, I used another user, which was created by me on VestaCP GUI panel, to connect via SFTP, but failed.
Filezilla returned following error message:
Why a new user in VestaCP can not use SFTP?Received unexpected end-of-file from SFTP server
Thank you.
I'm having exactly the same problem. For new users, no SFTP. So, following instructions here, I used vesta guid to change it: I logged in as admin, clicked on EDIT user, and changed the option under SSH (bash, nologin, sh) - I changed to bash.
It worked, I was able to login in with SFTP. However - and this is the PROBLEM - I could see all the folders and files since /root, and not only the ones under that specific user (conf/mail/tmp/web). How does one solve that?
Thanks,
Ulisses
Re: Is SFTP supported by VestaCP by default?
By default this is not supported
So if you add new ftp user is just a new ftp user not SFTP user, if you modify something in unsopported way and not works as aspected you cant fixed in easy way yet.
If you want fix some security isues with sftp maybe you need buy a extension to add some protection with chroot
So if you add new ftp user is just a new ftp user not SFTP user, if you modify something in unsopported way and not works as aspected you cant fixed in easy way yet.
If you want fix some security isues with sftp maybe you need buy a extension to add some protection with chroot