Quote:
Originally Posted by Infopro
Are you using the IP address used for SSH? I don't use FZ but you open the Site Manager and add the site there. Select server type > SFTP. Add the IP and port and you should be good to go.
|
Yes, but no IP is used by our hosted customers for ssh access because we do not allow ssh access for our hosted customer, thus the problem.
I have come upon a solution for this by putting together a few different posts on this subject, the method goes like this:
---------------
To allow SFTP access but without shell access, you must first enable (jailed) shell via WHM. But then run the following so they do not have command line/shell access:
usermod -s /usr/local/cpanel/bin/noshell username
Of course, replace "username" with the actual account user name.
Then generate a key pair for the account in question:
cd /home/userid/.ssh
Run:
ssh-keygen
(Accept the default names, i.e. id_rsa)
Enter any passphrase and be sure to remember the passphrase used.
After this two files will be created:
id_rsa
***This is the private key.
id_rsa.pub
***This is the public key.
Now entering the following:
cat id_rsa.pub >> authorized_keys
The id_rsa file is the private key to be used with FileZilla:
Preferences ---> SFTP ---> add key file.
Then configure FileZilla with SFTP and port - (insert ssh access port here), the user ID but NO password.
Remove both files from the on-line account:
id_rsa.pub
id_rsa
Now SFTP transfers work.
---------------
A significant aspect of this is to switch on SSH access for the account, but remove their capability to reach the shell command line:
usermod -s /usr/local/cpanel/bin/noshell username
This part was derived from this post:
Strange SFTP problem...
This concludes about three days of research on this one. But if anyone has anything to offer in addition, I would certainly like to know more, Particularly with regard to potential security vulnerabilities that may arise from using this method.