Multi-user issues

alsahhim · May 22, 2016, 5:08am

Hello, I am very happy with this script for myself but I recently tried to add my friend to my box as another user and he is unable to connect via sFTP. Filezilla returns this error “Error: Received unexpected end-of-file from SFTP server \ Error: Could not connect to server”. installed the latest version of the script as of yesterday on ubuntu server server 16.04. I also had to chown his autodl irssi config file for him to be able to write to it from rutorrent. Thank you

edit: I forgot to mention that he is able to connect via regular plain text FTP and he can also login via SSH, just can’t login to sFTP

dtech_banned · May 22, 2016, 5:16am

are you trying to log in ftp with filezilla or a ftp client?

also set as ftp instead rather than sftp

filezilla works well as ftp

alsahhim · May 22, 2016, 5:24am

I am trying to login sftp via filezilla and it is failing. I am able to login via regular ftp with filezilla but I would prefer the traffic to be encrypted. I have also tried with other ftp clients like cyberduck and cuteftp and I am still unable to login via sftp with his account

dtech_banned · May 22, 2016, 5:25am

because sftp is not enabled in the script.

alsahhim · May 22, 2016, 5:27am

it’s enabled for my master user, I can login with my master account and transfer via sftp. So you’re saying for any additional users that I add they aren’t also able to use sftp? only ftp

JMSolo · May 22, 2016, 5:30am

Your master user, the one used on script install should have SFTP without issue. If you would like your friends to have SFTP, you will need to add them to sudoers. The reason being the script implements limited shell for it’s bash environment. You can enable SFTP via /etc/lshell.conf

Then change the line:

sftp            : 0

to

sftp            : 1

Heads Up!

This can lead to users easily breaking out of their directories. I can implement a fix in the next couple of days that addresses this and offers better chroot lists with lshell. TLS is normally enough to encrypt a connection, but it is understandable some want higher grade encryption.

alsahhim · May 22, 2016, 5:35am

awesome! thank you very much JMSolo and dtech for your responses. Everything works perfectly now with the sftp. I’m not too worried with him getting out of his directory as he is a personal friend but thank you for the warning

k6tm · January 31, 2017, 4:29pm

Hey, do we finaly have any solution to enable sftp for all user and keep them chroot in their directory?

Thx

JMSolo · January 31, 2017, 10:45pm

We do not, however, FTP with auth TLS is still a secure option.

k6tm · February 1, 2017, 5:35pm

Oh thx, i had miss that possibility

g1antj4ck · October 2, 2018, 12:47pm

took me some time but i fixed it:
chmod 711 /home
chmod 777 /home/user1

change in /etc/lshell.conf
line allowed_cmd_path: [’/home/’]
to #allowed_cmd_path: [’/home/’]
not sure for what that allowed_cmd_path: [’/home/’] is but if it stay you cannot login to lshell anymore
be sure to turn on sftp : 1
when you now try to go in /home u get Permission denied