Software :: Umask For Internal-sftp Users?
Dec 9, 2010
How do I set umask for sftp only users? Users are jailed - that means they use internal-sftp:
Code:
# cat /etc/ssh/sshd_config
..........
[code]...
We have users that send files to our server via sftp... We normally have umask set to 022 but for these files we would like to force a umask of 002... I've tried to change it in the .bash_profile but it does not seem to make any difference...
I have a vsftpd server running well but I want to make/force all users to use sftp and not just ftp. Is this possible?
I am writing a bash script for auditing a Linux system. One of the points to capture is the umask of the users in the system.
Though a 'umask' command executed by the respective user gives this value, I am not sure how to get this in a script, which would be run with root credentials. This may be pretty easy, but I am not sure how root can find this for say 'user-x' (except say peeking into /etc/bashrc).
umask doesn't seem to accept username argument like the 'id' command does...
I think the following code is trying to change the settings inside the file:
CISum=077
sed -e "s/002/$CISum/" -e "s/022/$CISum/" /etc/bashrc-preCIS > /etc/bashrc
sed -e "s/002/$CISum/" -e "s/022/$CISum/" /etc/csh.cshrc-preCIS > /etc/csh.cshrc
[code].....
But what if I only want to check what the settings are inside the file, but do not want any changes to the file?
I'm setting up an application server for a small organization using Ubuntu 10.04 and LTSP. We built a machine with a quad core Athlon II, got a Gigabit switch, and a couple Gigabit ethernet cards. I burned gPXE into a couple EPROMs and turned their old PIII and Duron systems into thin clients.
So far so good.
Now, I'm trying to set up a shared directory that two users in the same group can both read and write. Let's call it "/home/shared". I want to set UMASK to 007, so that by default, files are created readable and writable by user and group, with no permissions for anybody else. I changed a line in "/etc/profile" from "umask 022" to "umask 007". After rebooting the app server, the umask does appear to be 007 when you log in at the console. However, it doesn't seem to affect the terminals.
So I figured I needed to change it in "/opt/ltsp/i386/etc/profile". vi helped me out with that. Didn't make a difference in the terminals. Ok, I need to rebuild the image, so I did an "ltsp-update-image" and rebooted the terminal. umask is still 022. ???
I changed UMASK in "/opt/ltsp/i386/etc/login.defs" and rebuilt the image. No change. ??? I really don't understand why this isn't working.
How can I change the UMASK for users who log in on an LTSP terminal?
My Debian system has by default umask permissions of 0022, which I never liked. That one user can read all the files of another seems very insecure to me.
I am planning to set it to 007, so that user and group have rw but all others have none.
Are there any side effects to that? I have noticed from a trial I did where I was changing permissions on the filesystem that some system stuff in the OS does not work anymore, if "others" have no read permission anymore, so that is why I am asking.
And why are chmod / umask permissions sometimes stated as 4 digits? What is this "all" group in the end? Isn't that already covered by "others"?
Had my chroot jail all set up and working nicely in OpenSUSE 11.1, upgraded to OpenSUSE 11.2 and had to set:
Subsystem sftp internal-sftp
(which was:
Subsystem sftp /usr/lib64/ssh/sftp-server)
and:
ForceCommand internal-sftp
[Code]...
Of which with-pam is mandatory. I used prefix to put the binaries in a place that would not conflict with the standard distribution, this meant I also needed to change /etc/init.d/sshd so that it referenced the newly compiled version of sshd, and copy /etc/ssh/sshd_config to /opt/etc/sshd_config.
I run a Linux file server for my office and we use SFTP for remote partners to log in and download files. Is there a way to see if there are any active connections or logins so I can know when it is safe to perform maintenance on the machine?
Since the machine is almost constantly serving large files, scheduled maintenance is often bumped off due to someone either upload
I'm using Ubuntu Server 10.04 and I'm also using OpenSSH 5.3. I have SFTP-only users in a chrooted environment. Users are able to log in, change directories, upload and download files, but as soon as they attempt to give the 'ls' or any list directory, the server disconnects.
I want to allow users to use sftp to upload and download files from one folder, as you know this uses ssh. My question is, if I create users to access the Linux server through ftpd they will be able to browse the root directory; can I create users and restrict them to only a specific directory?
I have an ftp server and normal login works fine as well as ftps but for some reason sftp sends all my accounts to the root directory of the entire server (not good). Been searching around but can't find a fix.
Using CentOS 5.5. I have a handful of users that I need to have connect to my server via sftp and start in the same directory. For example, user1, user2, user3, etc. will connect via sftp and upon connection will all be in the /some/dir/path/ftp-root directory. I know one way is to create these users all with the same 'home' directory, since by default a user starts in their home directory when connecting via sftp, but before just doing that, I wanted to find out if that is really the appropriate method to use. Alternatives? Is there some setting on the sftp server end that could direct all users to one starting directory so that these users don't have to have the same 'home' dir? I'm using the sshd daemon that comes with CentOS 5.5 (with all current updates/patches).
I have configured the SFTP jail for some of the users in my sftp server, which is hosted for my clients. I have one small issue and I need help from experts. e /../jajil/etc/shadow file. Can you please help me with how to update the password in the /../jail/etc/shadow file instead of updating it in the /etc/shadow file?
I see this question asked a lot and figured this tutorial
This tutorial explains how to create an SFTP server which confines (or chroots) users to their own home directory and denies them shell access.
I am currently running Ubuntu Server 9.10 as an FTP server. It has become a necessity to allow users access via SSH terminal or sftp via WinSCP. I need to be able to monitor what users are doing at any given time and be able to pull up each user's activity history. Essentially I need to be able to pinpoint who modified a file at what time. Also, what is the best method to monitor things like nmap probes?
I have configured rssh 2.3 with openssh 5.8 on RHEL 5.6 64 bit to restrict the users to scp and sftp. When I try to sftp or scp it gives the error connection closed. After long googling I tried different solutions like adding missing libraries and setting setuid on rssh_helper. I made a full copy of /lib to /chroot/lib and /chroot/lib64 but no success. Conf and log files are below for reference.
[Code]...
Not sure if this is the right place to ask this question. In Solaris we have umask (shell builtin) and /usr/bin/umask. However I could not find /usr/bin/umask in Linux.
I want to know the difference between both and how we can achieve the functionality of /usr/bin/umask in Linux as it's not there...
I have a firewall/router box running openSUSE 11.2 between the outside world and the LAN. This router also provides DNS for the LAN and has SuSEfirewall enabled. LAN users need (almost) full access to the internet. However, I want to block certain sites which are not required for work (you name it: facebook is my candidate). What is the most elegant way to block certain sites (which have quite a lot of different IP numbers) ?
Is there a way I can allow all users to mount internal media without entering a password, without using sudo, and without making edits to my /etc/fstab file?
I want to make a webserver with multiple users allowed to log in through SFTP to a specific folder, www. Multiple users are added, let's say user1 and user2, and all of them belong to the www-data group. The www directory has an owner www-data and a group www-data.
I have used chmod -R 775 on the www folder, but after I try to create a folder test through my SFTP server (using Filezilla) the group of the directory created has only r and x permissions, and I am not able to log in with the second user user2 and create a directory within www/test due to a lack of w permission to the group.
I also tried using chmod 2775 on www directory, but without luck. Can somebody explain to me, how can I make it so that a newly created directory inherits the root directory group permissions?
As a Windows user, I generated a pair of DSA keys from CoreFTP Lite and sent it to a third party that runs an SFTP server. They told me that a valid DSA key needs to have ssh-dsa at the start and the username@systemname at the end. CoreFTP generated neither the ssh-dsa header nor the username@systemname footer. I tried with WinSCP and it didn't generate them either. Is there a difference between how SFTP works between Windows and Linux? If I put a useraccount@systemname at the end of the text will it work? How would the Linux system validate that my system is called "systemname"? If it can't validate, what is the purpose of adding it?
I have logged in with root user
My systems Umask value was 0022.
Code:
So I decided to change it to 0077 and observe the system for some time. So I edited /etc/profile and added
Code:
at the end of file
rebooted the machine.
But the umask is still showing as 0022
After the first attempt is failed I tried changing it using below command.
Code:
Validated it.
Code:
rebooted the machine but the umask is still showing 0022
So at last I had to modify the /etc/bashrc file and add umask 077 at the end of the file.
How would I make it general for all (even for non-root users) and not just for the bash prompt?
I want to set permissions to a folder as rwx-r-x-r-x in such a way that whenever a new file or folder is created under it, it will automatically inherit the parent folder's default permissions. So, what I need to do know, do I have to change the umask value?
After installing openSuSE 11.3 I was thinking a bit about security. I read it's a good idea to set umask of users to 077. I'm unsure now where to do this, cause there are different locations offered in the web:
/etc/login.defs
$HOME/.profile
/etc/profile - umask would be valid for root too.
And for my understanding:
- Is it wise to set root to umask 077 too or could this lead to negative effects on my system?
- Is it even senseless to umask the normal user to 077 if there is just one desktop-user using my system (myself)?
I am attempting to modify the default umask value under all accounts on my linux system to 002. This will hopefully allow both the account and the account's group access to the created files.
I have modified it within /etc/bashrc, however it seems to be making no difference on this default value. The files I create through "File Browser" all have the access rights set to 600.
Is there any error here, as all evidence I can find on the internet points to the bashrc file.
How to change umask value permanently for all users in Red Hat version?
Does anyone have a solution for cron file permissions? I need them to be automatically generated 640; right now I believe they are 0644. Could I add a umask variable to the syslog.conf file to set the umask for cron generated files? Or is there a better way to do this? I am speaking only of logs generated by root.
I have a daemon running as a local user account on my Red Hat box. The problem is the daemon creates directories using a umask of 022. I need group write access to the directories the daemon is creating. I need the daemon to use a umask of 002. I've edited the daemon's startup script in /etc/init.d. I've changed the umask in the /etc/init.d/functions file. I've added the line "umask 002" in the user's ~/.bashrc and ~/.bash_profile files. I've also set up /etc/bashrc to assign all users a 002 umask (just for kicks).
OK, so I'm working on homework and I'm not understanding what my teacher is wanting me to do and I don't have time to email him seeing as he might not read it until tomorrow. So I'll copy and paste and if anyone can better explain it,
2) Use the umask command to change your file creation mask such that, by default for new files and directories you create, no permissions are taken away from the 'user' (owner), write permissions are taken away from the 'group' (group owner), and all permissions (read, write and execute) are taken away from 'other'. Take a screenshot of your terminal window showing the results of this step.
3) Use the touch command to create a new file called testfile. Use the ls command to display the contents of your current directory in long mode. Take a screenshot of your terminal window showing the results of this step. Ensure that the directory listing for testfile is completely visible in your screenshot.
4) Use the chown command to change the user associated with testfile (the owner) to cint201. Take a screenshot of your terminal window showing the results of this step.
5) Use the chgrp command to change the group associated with testfile (the group owner) to users. Take a screenshot of your terminal window showing the results of this step.
6) Use the chmod command to change the permissions for testfile such that the 'user' (owner) permissions are set to read, write and execute, the 'group' (group owner) permissions are set to read and execute, the 'other' permissions are set to grant neither read, write nor execute, and finally set the SUID bit for the file. Take a screenshot of your terminal window showing the results of this step.
7) Use the ls command to display the contents of your current directory in long mode. Take a screenshot of your terminal window showing the results of this step. Ensure that the directory listing for testfile is completely visible in your screenshot.