Allow SFTP without Shell?

[Selena]

Is it possible? How would I go about enabling this?

Thank you.

[Infopro]

It should be by default these days.

cPanel > FTP Accounts > scroll down to find the username for the account, far right icon Configure FTP Client. There you should see the SFTP Server Port listed for your users.

[Selena]

Quote:

Originally Posted by Infopro

It should be by default these days.

cPanel > FTP Accounts > scroll down to find the username for the account, far right icon Configure FTP Client. There you should see the SFTP Server Port listed for your users.

Thanks for replying. I'm not quite finding that. I went into WHM then looked under FTP Accounts but not seeing that option. Hmmmm...

I also set up a new FTP account in cPanel under a test domain. It also didn't give SFTP settings, only settings for FTP. I do not want to enable Shell access for my customers but feel it's important that they have the ability to upload files via SFTP. I hope there is a way for them to do this.

[Infopro]

I never mentioned WHM, I was speaking of in a cPanel account on your server. AFAIK, all users have access to SFTP on a cPanel server by default now.

[cPanelDavidG]

Quote:

Originally Posted by Infopro

I never mentioned WHM, I was speaking of in a cPanel account on your server. AFAIK, all users have access to SFTP on a cPanel server by default now.

Correct, in cPanel 11 all cPanel users have SFTP access. However, additional FTP accounts (virtual FTP accounts) do not have SFTP access.

If the hosting provider is not yet using cPanel 11, please have them upgrade.

[Selena]

Quote:

Originally Posted by cPanelDavidG

Correct, in cPanel 11 all cPanel users have SFTP access. However, additional FTP accounts (virtual FTP accounts) do not have SFTP access.

If the hosting provider is not yet using cPanel 11, please have them upgrade.

Thank you. We are using cPanel 11. However, when I select SFTP, it gives an error message telling me the password is invalid. If I set it to FTP, it works. This is using Fetch for Mac.

Hostname: ftp.mydomain.com
Username: myusername
Password: mypassword

I tried using ports 21 and 22 to see if it made a difference, but it didn't.

Are there specific settings that I should use for SFTP?

Thank you.

[Infopro]

The port number listed in your cPanel as I mentioned and the IP for the server, will get you in. You'll need to properly config your FTP client as well.

[cPanelDavidG]

Quote:

Originally Posted by Selena

Thank you. We are using cPanel 11. However, when I select SFTP, it gives an error message telling me the password is invalid. If I set it to FTP, it works. This is using Fetch for Mac.

Hostname: ftp.mydomain.com
Username: myusername
Password: mypassword

I tried using ports 21 and 22 to see if it made a difference, but it didn't.

Are there specific settings that I should use for SFTP?

Thank you.

On some servers, you need to do myusername@primarydomain where myusername is the user's cPanel username and primarydomain is the main domain on their cPanel account.

[hbouma]

Quote:

Originally Posted by cPanelDavidG

Correct, in cPanel 11 all cPanel users have SFTP access. However, additional FTP accounts (virtual FTP accounts) do not have SFTP access.

If the hosting provider is not yet using cPanel 11, please have them upgrade.

Well if that's the case, how about fixing your page so that it doesn't show any SFTP information for virtual FTP account login details. That way people who create FTP users don't get the impression that they can log in their virtual users over the SFTP port when its obviously not the case.

Hal

[cPanelDavidG]

Quote:

Originally Posted by hbouma

Well if that's the case, how about fixing your page so that it doesn't show any SFTP information for virtual FTP account login details. That way people who create FTP users don't get the impression that they can log in their virtual users over the SFTP port when its obviously not the case.

Hal

We are currently working on fixing that page so SFTP information is not displayed when viewing virtual FTP account details. (Internal Case 26282)

[nitaish]

I tried to connect to a website using SFTP and was able to do so. However, I can go several levels up the server and can access other directories too except the other websites' directories in the /home directory. This is actually risky as a person can also delete data from the other directories and cause instability to the system. Is there a work around for this?

[thewebhosting]

Using SFTP you can only see the listing of the directories which is inside the /home directory. No one can modify the other directories except the owner of that directory.

[cPanelDavidG]

Quote:

Originally Posted by nitaish

I tried to connect to a website using SFTP and was able to do so. However, I can go several levels up the server and can access other directories too except the other websites' directories in the /home directory. This is actually risky as a person can also delete data from the other directories and cause instability to the system. Is there a work around for this?

With the way *nix file system permissions work, being able to see a file exists is not the same as being able to view, modify or delete a file.

[Spiral]

While there are some obvious merits (and some cons) to moving to SFTP transfers, I should take a moment and point out that doing so in response to the recent IFRAME / Index Hacking problems with so many sites left victim will do ABSOLUTELY NOTHING to help you or protect your server!

If your motivation in switching over to SFTP is something other than these
recent attacks around the world, then all the power to you.

If not, and that is your driving motivation, then you may want to re-consider your actions because you are doing nothing to help yourself or your clients.

[sneader]

Quote:

Originally Posted by Spiral

While there are some obvious merits (and some cons) to moving to SFTP transfers, I should take a moment and point out that doing so in response to the recent IFRAME / Index Hacking problems with so many sites left victim will do ABSOLUTELY NOTHING to help you or protect your server!

If your motivation in switching over to SFTP is something other than these
recent attacks around the world, then all the power to you.

If not, and that is your driving motivation, then you may want to re-consider your actions because you are doing nothing to help yourself or your clients.

It might be helpful to explain why?

- Scott