[redhat-list] updates pending question, is, sftp problems

Constance Morris cmorris at daltonstate.edu
Fri May 10 14:19:30 UTC 2013 


-----Original Message-----
From: redhat-list-bounces at redhat.com [mailto:redhat-list-bounces at redhat.com] On Behalf Of m.roth at 5-cent.us
Sent: Thursday, May 09, 2013 5:19 PM
To: General Red Hat Linux discussion list
Subject: RE: [redhat-list] updates pending question, is, sftp problems

Constance   Morris wrote:
> [mailto:redhat-list-bounces at redhat.com] On Behalf Of m.roth at 5-cent.us
> Constance   Morris wrote:
<snip>
>> problem last week with having started these updates then stopped them 
>> mid-stream when some of our professors could not ssh to the webserver 
>> using Expression Web software via SFTP?
> <snip>
>> Our Network Administrator suggested that my problem with the SSH / 
>> SFTP Expression Web Websever access was due to there being different 
>> versions on the system now because of the updates. He said I needed 
>> to check the versions of both and may need to uninstall SSH, compile 
>> a version from source that will work with SFTP.
>
> No. Not under any circumstances. What kind of admin is he, Windows?
> Because that is absolutely the WRONG answer. You can check yourself - 
> run rpm -qa | grep ssh then rpm -qi openssh-clients
<snip>
>> All that is greek to me. He said he manually created what had been 
>> setup for the SSH / SFTP that was running well before I did some of 
>> those updates.
>>
>> I put in the command:  ssh -v          and got the version of SSH  (Open
>> SSH_4.3p2, OpenSSH 0.9.8e-fips-rhel5 01 Jul 2008) But I cannot find a 
>> way to check the sftp version to compare.
>
> If he installed those *without* using yum, he's wrong, unless there's 
> an overriding reason. For now, we have our own ssh package, but that's 
> *only* because this is a US federal gov't agency, and we *have* to use 
> PIV/smart cards for some cases. Otherwise... use the rpm commands I 
> mentioned, above, and see if they're installed. If not yuse yum, er, 
> use yum <g> to install them both. then turn down what was available, 
> and turn up the newly-installed ones. They'll work out of the box.
<snip>
> Those rpm commands (rpm -qa | grep ssh   and rpm -qi openssh-clients) did
> produce the information I needed and all are the same:
>
> Openssh-clients-4.3p2-82.e15
> Openssh-4 .3p2-82.e15
> Openssh-server-4.3p2-82.e15
>
You'll note they all match. There's no incompatibilities.

> Myself and the webmaster have sudoers priviledges, so I know we are 
> different from the professors as they are limited to certain 
> directories and are not in the sudoers file nor have root priviledges.

Right, and they shouldn't have.

> The weird thing is that two of them get the same login error message 
> and a third gets something different.
> Here are the errors:
> "FTP Error...Cannot open remote folder pac-2013/ Access Denied."
> And the other login error:
> "There is no site name "whatever the home directory location is for 
> the user".

The latter tells me that this user does not have it configured, and I assume, possibly wrongly, that one of youse guys needs to go into wherever you manage users and set it up for him. It also leads me to suspect that the other two users are misconfigured.

Yup. I just googled on Web Expression configure sftp, and found this link:
<http://msdn.microsoft.com/en-us/library/cc295154%28v=expression.30%29.aspx>
Someone needs to go there and check those three users' configurations.

       mark
---------

Mark,
I forgot to mention yesterday that when I ram the 'rpm -qi openssh-clients' command that though it gave me the same version and release information as the other command (rpm -qa | grep ssh) - it also mentioned an install date of April 29 2013. 
That was the date I had re-registered the server with red hat and let it start those errata updates automatically and then stopped them when told by a fellow co-worker that wasn't a good idea. Which is also the day that the professor starting not being able to login to expression web 4 in order to access their website on the server for updating. 
Could that mean that I overrode a previous install date?

I checked out the link you gave me (thank you!), but the person has to be logged into Expression Web in order to access the connection settings. I logged in as myself and followed the instructions just to see if it would let me create the connection for someone else, but it didn't work. 

May I impose upon you one more time? 
My 2 predecessors left me two different commands in setting up new users and their directories on the server for expression web access. I'm going to list both and do you mind looking over them and giving me your opinion? I've used both to create test users and directories to try and resolve this login issue for expression web, but neither are working for me, so I'm either doing something wrong or missing something.

1.) useradd -d /var/www/html/faculty-staff -s /opt/openssh/libexec/sftp-server -g sftp -G www,faculty-staff username

* Now, I know you or Robert mentioned last time that it should really be /usr/libexec/openssh/sftp-server instead of the /opt/openssh/libexec....

2.) useradd -m -k /var/www/userSkel -G faculty-staff,www -g sftp -s /usr/libexec/openssh/sftp-server -d /var/www/html/faculty-staff/username
And then the next command:   cp -ir /var/www/userSkel/*   /var/www/html/faculty-staff/username

Thank you!
Constance

More information about the redhat-list mailing list