Ugy nez ki, hogy a /var/ftp/user[1|2] konyvtarak jogai jok:
ls -n
total 8
drwxrwx--- 4 111 65534 4096 Nov 2 09:55 user1
drwxrwx--- 4 111 65534 4096 Nov 2 10:22 user2
Felhasznalva http://www.proftpd.org/docs/contrib/mod_sftp.html#SFTPAndFTP
infot update-eltem az /etc/proftpd/proftpd.conf
fajlt a kovetkezo sorokkal: (az elozo sftp beallitasokat toroltem)
<IfModule mod_sftp.c>
<VirtualHost 0.0.0.0>
SFTPEngine on
Port 2222
SFTPLog /var/log/proftpd/sftp.log
TransferLog /var/log/proftpd/sftp-xferlog
SFTPHostKey /etc/ssh/ssh_host_rsa_key
SFTPHostKey /etc/ssh/ssh_host_dsa_key
SFTPAuthMethods password
AuthUserFile /etc/proftpd/sftp.passwd
MaxLoginAttempts 6
DefaultRoot ~
</VirtualHost>
</IfModule>
majd systemctl start proftpd utan wscp-re probalok a 2222-es porton mint user1 bejelentkezni, amit azonban nem enged:
cat sftp.log
.
.
.
2015-11-02 11:55:19,369 mod_sftp/0.9.9[2785]: sent server version 'SSH-2.0-mod_sftp/0.9.9'
2015-11-02 11:55:19,380 mod_sftp/0.9.9[2785]: received client version 'SSH-2.0-WinSCP_release_5.1.5'
2015-11-02 11:55:19,380 mod_sftp/0.9.9[2785]: handling connection from SSH2 client 'WinSCP_release_5.1.5'
2015-11-02 11:55:19,382 mod_sftp/0.9.9[2785]: + Session key exchange: diffie-hellman-group-exchange-sha1
2015-11-02 11:55:19,382 mod_sftp/0.9.9[2785]: + Session server hostkey: ssh-rsa
2015-11-02 11:55:19,382 mod_sftp/0.9.9[2785]: + Session client-to-server encryption: aes256-ctr
2015-11-02 11:55:19,382 mod_sftp/0.9.9[2785]: + Session server-to-client encryption: aes256-ctr
2015-11-02 11:55:19,382 mod_sftp/0.9.9[2785]: + Session client-to-server MAC: hmac-sha1
2015-11-02 11:55:19,382 mod_sftp/0.9.9[2785]: + Session server-to-client MAC: hmac-sha1
2015-11-02 11:55:19,382 mod_sftp/0.9.9[2785]: + Session client-to-server compression: none
2015-11-02 11:55:19,382 mod_sftp/0.9.9[2785]: + Session server-to-client compression: none
2015-11-02 11:55:22,075 mod_sftp/0.9.9[2785]: sending acceptable userauth methods: password
2015-11-02 11:55:26,413 mod_sftp/0.9.9[2785]: authentication for user 'user1' failed: Invalid shell
2015-11-02 11:55:26,413 mod_sftp/0.9.9[2785]: sending userauth failure; remaining userauth methods: password
2015-11-02 11:55:26,414 mod_sftp/0.9.9[2785]: client sent SSH_MSG_IGNORE message (176 bytes)
2015-11-02 11:55:28,813 mod_sftp/0.9.9[2785]: disconnecting client (received EOF)
UJ: 13:38 ================================================
Segitett egy sor betoldasa a virtual reszben:
RequireValidShell off
<IfModule mod_sftp.c>
<VirtualHost 0.0.0.0>
SFTPEngine on
Port 2222
SFTPLog /var/log/proftpd/sftp.log
TransferLog /var/log/proftpd/sftp-xferlog
SFTPHostKey /etc/ssh/ssh_host_rsa_key
SFTPHostKey /etc/ssh/ssh_host_dsa_key
SFTPAuthMethods password
AuthUserFile /etc/proftpd/sftp.passwd
RequireValidShell off
MaxLoginAttempts 6
DefaultRoot ~
</VirtualHost>
</IfModule>
majd systemctl start proftpd utan wscp-re probalok a 2222-es porton mint user2 bejelentkezni - mukodik.
Egy kis megkotessel, ujonnan letezo fajlt meeg nem tudok atirni... :-(
2015-11-02 12:36:36,607 mod_sftp/0.9.9[3392]: received client version 'SSH-2.0-WinSCP_release_5.1.5'
2015-11-02 12:36:36,607 mod_sftp/0.9.9[3392]: handling connection from SSH2 client 'WinSCP_release_5.1.5'
2015-11-02 12:36:36,608 mod_sftp/0.9.9[3392]: + Session key exchange: diffie-hellman-group-exchange-sha1
2015-11-02 12:36:36,608 mod_sftp/0.9.9[3392]: + Session server hostkey: ssh-rsa
2015-11-02 12:36:36,608 mod_sftp/0.9.9[3392]: + Session client-to-server encryption: aes256-ctr
2015-11-02 12:36:36,608 mod_sftp/0.9.9[3392]: + Session server-to-client encryption: aes256-ctr
2015-11-02 12:36:36,608 mod_sftp/0.9.9[3392]: + Session client-to-server MAC: hmac-sha1
2015-11-02 12:36:36,608 mod_sftp/0.9.9[3392]: + Session server-to-client MAC: hmac-sha1
2015-11-02 12:36:36,608 mod_sftp/0.9.9[3392]: + Session client-to-server compression: none
2015-11-02 12:36:36,608 mod_sftp/0.9.9[3392]: + Session server-to-client compression: none
2015-11-02 12:36:39,747 mod_sftp/0.9.9[3392]: sending acceptable userauth methods: password
2015-11-02 12:36:43,876 mod_sftp/0.9.9[3392]: no supplemental groups found for user 'user2'
2015-11-02 12:36:43,877 mod_sftp/0.9.9[3392]: sending userauth success
2015-11-02 12:36:43,877 mod_sftp/0.9.9[3392]: user 'user2' authenticated via 'password' method
2015-11-02 12:36:44,857 mod_sftp/0.9.9[3392]: client sent SSH_MSG_IGNORE message (176 bytes)
2015-11-02 12:36:44,858 mod_sftp/0.9.9[3392]: unsupported 'simple@putty.projects.tartarus.org' channel requested, ignoring
2015-11-02 12:36:44,859 mod_sftp/0.9.9[3392]: 'subsystem' channel request for 'sftp' subsystem
2015-11-02 12:36:44,967 mod_sftp/0.9.9[3392]: using SFTP protocol version 5 for this session (channel ID 0)
2015-11-02 12:36:44,969 mod_sftp/0.9.9[3392]: client sent 'vendor-id' extension: { vendorName = 'Martin Prikryl', productName = 'WinSCP', productVersion = '5.1.5', buildNumber = 3261 }
2015-11-02 12:37:00,084 mod_sftp/0.9.9[3392]: client set access time of '/scapy-2.3.1.zip' to Tue Oct 27 14:54:34 2015
2015-11-02 12:37:00,084 mod_sftp/0.9.9[3392]: client set modification time of '/scapy-2.3.1.zip' to Tue Oct 27 14:54:42 2015
2015-11-02 12:37:09,810 mod_sftp/0.9.9[3392]: OPEN command for '/ucarp-1.5.2.tar.gz' blocked by 'STOR' handler
2015-11-02 12:37:14,768 mod_sftp/0.9.9[3392]: OPEN command for '/ucarp-1.5.2.tar.gz' blocked by 'STOR' handler
2015-11-02 12:37:15,973 mod_sftp/0.9.9[3392]: client set access time of '/ucarp-1.5.2.tar.gz' to Thu Oct 1 12:41:12 2015
2015-11-02 12:37:15,973 mod_sftp/0.9.9[3392]: client set modification time of '/ucarp-1.5.2.tar.gz' to Thu Oct 1 12:41:26 2015
2015-11-02 12:37:24,392 mod_sftp/0.9.9[3392]: disconnecting client (received EOF)