Plesk 12.x / Linux :: How To Give Users SFTP Access
Feb 16, 2015
My reseller have got one plan, where option "Gestion de l'accès au serveur via SSH" (Manage SSH access to server) is on "Peut autoriser l'accès uniquement à un environnement chrooté" (Can autorize access only in chrooted environment).
This plan contains only one subscription in which I would like to permit users to use sftp. If I go in the subscription, and then I click on "Customize subscription", I can see option "Gestion de l'accès au serveur via SSH" (Manage SSH access to server) is on "Peut autoriser l'accès uniquement à un environnement chrooté" (Can autorize access only in chrooted environment)...
=> So same than in the plan.
After that, when I click on subscription => WebSites and Domain => One domain => FTP Access and I choose a ftp user, I don't have any option to allow ssh access to the user.
Is there any way to give a reseller or customer access to the php custom settings box labeled "Additional configuration directives" on the website & domains -> php settings button that an admin can see and alter? We have attempted to give resellers the "Common PHP settings management" and "Setup of potentially insecure web scripting options that override provider's policy" options, but it still does not show up to a reseller.
I am experiencing a weird issue after a Plesk upgrade (from 11 to 12, installed on Ubuntu 12.04).
FTP/SFTP is not working for all users in one specific domain. When using the latest Filezilla client, I receive the following error when I try to connect in SFTP with the main user of this domain
Error: Received unexpected end-of-file from SFTP server Error: Could not connect to serverClick to expand...
I use Plesk 11.5.30 on my vServer. I created a new domain with a new web user and /bin/bash (chroot) setting. I can't login with a SFTP connection to this domain only normal FTP connection works. With existing users I don't have this problem.
we have a WHM account... we have different accounts on that...and for each account, there are add-on domains underneath that. (i hope you know what i mean)
and we set it up to use only SFTP to connect to server. no FTP.
after we have set it up that way, it seems that we can only connect to SFTP using 1 user/pass for each account... that is the same user/pass we use for Cpanel of each account.
say, i have Account A... under Account A, i have addon domains: A1.com, A2.com, A3.com... setting SFTP only on that server, all those addon domains of Account A, can only use 1 user/pass to login to SFTP which is the cpanel access also of Account A.
question is.... is this behavior correct??
how can we create a different user for each add-on domain?
Since the migration from Plesk 11.5 to Plesk 12.0 the "chrooted" SFTP accounts do not work anymore. Along with the Plesk migration we have changed the operating system too. We've migrated from CentOS 6 (x86_64) to CentOS 7 (x86_64).
When trying to connect using SFTP on the command line I get the following error message: debug1: Exit status 127...When using an SFTP client such as WinSCP I get logged out immediately without any message.
The OpenSSH configuration is saying: <...> Subsystem sftp /usr/libexec/openssh/sftp-server <...>
The mentioned binary from above does exist: ls -l /usr/libexec/openssh/sftp-server -rwxr-xr-x 1 root root 83984 2015-05-12 21:41:56 /usr/libexec/openssh/sftp-server
I have attached the debug output of the SFTP command (plesk_sftp_issue.txt).When I change the option "Access to the server over SSH" to "/bin/bash" the SFTP access works again. But when "chrooted" it stops working.
A software developer has uncovered a bug in most versions of Linux that could allow untrusted users to gain complete control over the open-source operating system.
The null pointer dereference flaw was only fixed in the upcoming 2.6.32 release candidate of the Linux kernel, making virtually all production versions in use at the moment vulnerable. While attacks can be prevented by implementing a common feature known as mmap_min_addr, the RHEL distribution, short for Red Hat Enterprise Linux, doesn't properly implement that protection, Brad Spengler, who discovered the bug in mid October, told The Register.
Read the complete article at The Register. New kernels are available for Redhat and CentOS (obviously), and likely others who may be affected.
I have an account on godaddy, with more than 20 domains registered and well, so far i have been in charge of the updates of these domains and the websites they represent. But now I have this customer who is asking me to have access to his specific domain so he can upload files by him self, the thing is that i dont have a clue of how to do it. I tried to create a new account in godaddy for this customer and tried to transfer this domain into his account and I was not allowed to. I cannot give him my username and psw cause he wont only have access to his website but all those i have registered under my account. I will really appreciate some advises to help me work this out.
Is it possible to query for a list of system users using the API RPC? I know it's possible with a MySQL query
Code: select id, login, account_id from sys_users order by login;
I've searched through the API RPC manual, but I don't see a way to do this. I always have to specify a filter, I can't find a way to just query for all users.
After some recents updates (currently running on: 12.0.18 Update #19) appeared a problem with connecting to FTP for passive mode users:
Connect ok! "/" is the current directory Get directory 227 Entering Passive Mode 550 Access is denied.
Server logs: /var/log/messages Oct 14 12:11:26 host xinetd[3692]: START: ftp pid=2709 from=::ffff:xxx.xxx.xxx.xxx Oct 14 12:11:26 host proftpd[2709]: processing configuration directory '/etc/proftpd.d' Oct 14 12:11:26 host proftpd[2709]: yyy.yyy.yyy.yyy (xxx.xxx.xxx.xxx[xxx.xxx.xxx.xxx]) - FTP session opened.
But: /var/log/secure:
Oct 14 12:11:26 host proftpd: PAM unable to dlopen(/lib64/security/pam_stack.so): /lib64/security/pam_stack.so: cannot open shared object file: No such file or directory Oct 14 12:11:26 host proftpd: PAM adding faulty module: /lib64/security/pam_stack.so Oct 14 12:11:26 host proftpd: pam_listfile(proftpd:auth): Couldn't open /etc/ftpusers Oct 14 12:11:26 host proftpd[2709]: yyy.yyy.yyy.yyy (xxx.xxx.xxx.xxx[xxx.xxx.xxx.xxx]) - USER client: Login successful.
ad1: yes, i do have passive ports configured in /etc/proftpd.conf and FW is properly configured ad2: everything was fine until recent updates ad3: this is happening only for passive users only ad4: we are experiencing this issues across all Plesk instances [6x] on CentOS 6.5 with 12.0.18 Update #19
I want to create a webpage where users can make a SRV record. I thought this is possible with the Plesk API but i dont have any expierance with the API. How to create it?
I have plesk12 set up but when i set a mail (dovecot) password, it gets stored in plain text (which I can verify by running /usr/local/psa/admin/sbin/mail_auth_view ). I would like to change this default setting to be encrypted.
The upgrade has an error when manage the users database.
PRODUCT, VERSION, VERSION OF MICROUPDATE, OPERATING SYSTEM, ARCHITECTURE OS Microsoft Windows Server 2008 R2 Service Pack 1 x64 Panel version 11.5.30 Update #13, last updated at Sept 1, 2013 03:30 PM
PROBLEM DESCRIPTION In a costumer panel have a one database MSSQL, and assign to this DB 3 users, but the tab option "Users" don't work fot his costumer and show this error:
Error Javascript: TypeError: template is null this.template = template.toString(); in protototype.js 8472831 (lÃnea 807)
ACTUAL RESULT Error Javascript: TypeError: template is null this.template = template.toString(); in protototype.js 8472831 (lÃnea 807)
EXPECTED RESULT Show users in the tab users for database.
We are running the latest Plesk 12 under CentOS 7.
While I can see the App Owncloud as Admin in the Application Vault my users cannot see that particular app in their Application pool. They can see all other apps though. Just not Owncloud.
All resellers and customers are allowed to install everything from the pool and i selected Owncloud in the Vault already and "made it available" .. Though it is not shown.
There is a bug when trying to delete E-mail accounts in Plesk 12.1.26. It only works if I create a fake Auto-Reply text. If not, I got this error:
mail_responders_control failed: mail_responders_control[31710]: No autoresponder found for mailname (test@xxxxxx.com) mail_responders_control[31710]: Unable to prepare SQL statement for query 'DELETE FROM autoresponder WHERE mn=?': library routine called out of sequence
I have several users that can't access my sites, they are all from different areas of the world, most are on PC's with WinXP and one is on a MAC. I've had them do all the normal stuff..clean cookies, cache etc all with no luck.
I have a dual processor server running Red Hat 7.3 i686. I do have KISS firewall running.
If I stop the firewall, they can get in, but I can also bring it back up and then for several hours they can still connect, but at some point, they stop being able to.
I currently have no ip's blocked. See below: BLOCK_LIST=" " TCP_IN="20 21 25 53 80 110 143 443 995 2082:2083 2086:2087 2095:2096 3306 8443 10000 19638 22 26 37 43 873 993" TCP_OUT="21 22 25 37 43 53 80 443 873 2089 55000" UDP_IN="53" UDP_OUT="53" TCP_IN_TRUSTED="22" TRUSTED_IPS="0.0.0.0/0" SERVER_IPS="0.0.0.0/0"
Nothing that I know of changed, it just started about a week ago.
i have 3 sites/users that all need to be able to access each other with complete read/write/exec access
Site1 Site2 and Site3
what's the best way to do this without screwing up all the premissions and access to my currently active sites. I need advice from someone who is a pro at this and not just guessing at what premissions to set. I'm assume i need to create a MasterGrp and invite all 3 sites then set/change permissions on all three sites. Also all new files created would need to have the masterGrp set as the group automatically