Solved

Permissions+default directory in openssh on ubuntu

Posted on 2013-01-27
7
590 Views
Last Modified: 2013-02-01
I have a pretty basic ubuntu system running in a vm to do open-ssh.  By default each user that gets in via sftp goes to /home/username.  I need to change a user to go to a different directory when logging in.  Note that this user has no password, just a private key (so its authenticating with username+private key).  I need the user bob to default to the /home/homer directory.  I change this by nano /etc/passwd and changing the default but then when user chuck tries to login it doesnt work - says server refused our connection, change it back to /home/bob and it works fine.  Bob does have all access to /home/homeward...he can write files to that directory, change to that directory, and delete files from the directory so not sure why he cant go to that directory by default.
Using winscp to connect (windows machine) and you can specify the local and remote directories - doing this WILL work and allow him to "default" into the /home/homer directory, but I think winscp just logs in then changes directories for him right away (instead of the actual server putting him in that folder which is what I need).
Thoughts?
I tried doing it via a group too - still no luck
0
Comment
Question by:rhwimmers
  • 5
  • 2
7 Comments
 
LVL 77

Expert Comment

by:arnold
ID: 38824461
Sftp is part of ssh and is directing the user to their home directory by default.

You could use usermod to alter the home directory thus altering where the user will end up upon logon.
I think winscp includes the option to specify the path /home/homeward rather than relying on the default.
0
 
LVL 1

Author Comment

by:rhwimmers
ID: 38824553
What command would that be?
0
 
LVL 77

Expert Comment

by:arnold
ID: 38824573
Not clear which point from my comment you want addressed in this response.
usermod -d /home/homeward homer
this will also affect the users ssh login which will now get them started at /home/homeward ( you could use .login, .profile, .bash_profile .bashrc to cd to a different directory) but cd ~homer wil always go to where the home directory is pointing within passwd.

I think winscp has the option prior to the connection for the specification of the remote directory which you could use /home/homeward
0
Master Your Team's Linux and Cloud Stack

Come see why top tech companies like Mailchimp and Media Temple use Linux Academy to build their employee training programs.

 
LVL 1

Author Comment

by:rhwimmers
ID: 38825017
Still get the same thing "server refused our key" - that is the winscp error I get anytime I try to change the user homer to get into /home/homeward
0
 
LVL 1

Author Comment

by:rhwimmers
ID: 38825040
Seems like no matter what I do with usermod -d or editing the /etc/passwd to change the path of the user, I cannot login with the user unless its set to his default /home/homer.  As mentioned earlier - login with username and a key file - the key file has nothing to do with the location right, its just for authentication purposes - just strange that as soon as I change the directory it fails as if its an auth issue.  And again, once logged in I CAN access these directories I am trying to have the user land in by default

server refused our key
authentication failed is the error I get
0
 
LVL 1

Accepted Solution

by:
rhwimmers earned 0 total points
ID: 38825160
Ran across this article which solved my issue.  The default is store the key in an encrypted (hidden) folder (.ssh) so moving that elsewhere did the trick.

http://adamwright.wordpress.com/2011/05/16/ssh-error-server-refused-our-key-and-how-to-fix-it/
0
 
LVL 1

Author Closing Comment

by:rhwimmers
ID: 38843112
Resolution in link
0

Featured Post

Master Your Team's Linux and Cloud Stack

Come see why top tech companies like Mailchimp and Media Temple use Linux Academy to build their employee training programs.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I. Introduction There's an interesting discussion going on now in an Experts Exchange Group — Attachments with no extension (http://www.experts-exchange.com/discussions/210281/Attachments-with-no-extension.html). This reminded me of questions tha…
It’s 2016. Password authentication should be dead — or at least close to dying. But, unfortunately, it has not traversed Quagga stage yet. Using password authentication is like laundering hotel guest linens with a washboard — it’s Passé.
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…
Connecting to an Amazon Linux EC2 Instance from Windows Using PuTTY.

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question