Can't Connect Using FTP Account (SFTP)

pilaftank

Registered
Jan 8, 2007
3
0
151
I created an FTP account (cPanel --> FTP Accounts --> Create), but I can't seem to connect using the login information. Of course, I use SFTP (regular FTP is unacceptable since passwords are sent in clear text). I tried Fugu on a Mac and FileZilla on both a Mac and a Windows PC without success.

My searching around indicates that cPanel does not support SFTP for FTP accounts.

A feature that forces passwords to be transmitted in clear test seems foolish. If users choose to be foolish on their own, so be it. But forcing users to be foolish is another story.

It's peculiar that the "Configure FTP Client" feature displays the FTP username, FTP server name, and SFTP port (22). If cPanel does not actually support SFTP for such accounts, this seems like a bug. Why show the SFTP port number if SFTP is not supported?

Did I simply miss a really obvious checkbox somewhere or do FTP accounts in cPanel force users to transmit their passwords without any encryption at all?
 

bornonline

Well-Known Member
Nov 19, 2004
139
0
166
Earth
You need to give that user shell access I believe. You could use a client like FileZilla for FTP over TLS. You won't get secure data transport, but you can get secure auth.
 

Morley

Well-Known Member
Apr 24, 2007
66
0
156
No. It's been a while now that cPanel allows SFTP connection by default, without shell access.
Only the cpanel user can connect through SFTP, though :)
Really? I am receiving:

Invalid user [email protected] from ::ffff:xxx.xxx.xxx.xxx
Feb 6 10:49:41 tm sshd[13268]: input_userauth_request: invalid user [email protected]

this user is the main account and I have shall access disabled. Is there any other reason this wouldn't work?

Thanks
 

yapluka

Well-Known Member
Dec 24, 2003
301
1
168
France
cPanel Access Level
Root Administrator

Morley

Well-Known Member
Apr 24, 2007
66
0
156
You need to use the cpanel username : "user" and not "[email protected]"
So to be clear, only the cpanel main user can sftp via ssh2, and any ftp users you add cannot?
Seems strange because cPanel gives you instructions on how to set accounts up via SFTP, but it doesn't work. I thought it was because there's no shell access for this account but I am reading otherwise. Would someone clarify this?

BTW, I am able to SFTP as the main user for this account but I'd like to do the same or added accounts.

Thanks for the reply
 

sparek-3

Well-Known Member
Aug 10, 2002
2,021
227
368
cPanel Access Level
Root Administrator
BTW, I am able to SFTP as the main user for this account but I'd like to do the same or added accounts.
You just can't. SFTP is based off of SSH. SSH is accessible only by server level accounts, i.e. accounts that exist on the server. FTP users that you create in your control panel are just virtual users tied to that particular account. This is why their FTP username have the @yourdomain.com appended to them.

SSH will only work for usernames that are listed in the /etc/passwd file. These are server level accounts, accounts recognized by the server as existing. As far as the server is concerned [email protected] is not a valid user. This part is only understood by the FTP daemon once you connect.

I suppose you could write an intermediate SSH daemon to handle this level of functionality for the SSH service. That would be the only way to allow these sub users access to SSH.
 

kazar

Active Member
May 18, 2008
27
0
51
NYC/Earth
cPanel Access Level
Root Administrator
I just want to point out that for the cpanel user, the sftp configuration file (at least the one for Cyberduck) does not succeed because it prepopulates [email protected] instead of just username.

Thanks to the folks on this thread I finally learned I need to delete the @domain.com portion of the username string in order to successfully log in.

kazar