Enable chrooted sftp access
I think this might have actually been a feature in previous versions, but judging from the forum topics, it isn't anymore...
I want to be able to allow users to use sftp to manage their files, but I don't want them to be able to ssh in, or browse any folders but their own. Currently sftp only works when I allow full bash access, and my test user was able to download files out of my boot partition.
David Reagan
shared this idea
Thank you for your input!
Unfortunately, we have to close request because over the years it has not become popular enough for including it to implementation plan.
—IB
-
David Reagan
commented
Found a fix. See http://forum.parallels.com/showthread.php?289785-Plesk-11-5-SFTP-on-chrooted-not-working&p=708115&viewfull=1#post708115 Apparently there's an unfixed bug in Plesk that was causing my problem.
-
David Reagan
commented
From /etc/passwd:
username:x:10000:1009::/var/www/vhosts/site:/opt/psa/bin/chrootshI can ssh into the server on the command line. Filezilla will not connect. Or, rather, it says:
Status: Connecting to pleskserver...
Response: fzSftp started
Command: open "username@pleskserver" 22
Command: Pass: ****************
Status: Connected to pleskserver
Error: Connection closed by server with exitcode 1
Error: Could not connect to serverauth.log just says the password is accepted, and then the session is closed. No reason why.
Nothing is shown in syslog.
Server info:
Plesk 11.5
Ubuntu 12.04.3 64bit -
Stéphan S
commented
SFTP and SCP are working.
What do the logs say?
-
Stéphan S
commented
This fully works for me on Plesk 11.5
We use CentOS 6.4 and this user is locked into chroot.
The shell for this user is /usr/local/psa/bin/chrootsh