0

This question is very much related to this question. The answer there is useful, but unfortunately incomplete. How to add user with SFTP/ FTP access to '/var/www/html/website_abc' folder on Amazon EC2 Centos?

I want to grant third party access to a part of my directory structure on my Amazon EC2 instance. I followed this tutorial to add a group and a user, and followed this tutorial to chroot this user. It is unclear to me how to continue after these two steps though. Below are the steps taken in more detail, and where I am stuck.

Add group and user

In terminal:

    sudo groupadd sftp
    sudo useradd -g sftp thirdparty
    sudo usermod -G sftp thirdparty
    sudo usermod -s /bin/false thirdparty
    sudo chown root:root /var/www/html/exports/thirdparty
    sudo chmod 0755 /var/www/html/exports/thirdparty
    sudo passwd thirdparty   # set password, e.g. to abcd

Chroot this user

Add these lines to /etc/ssh/sshd_config:

    Subsystem sftp /usr/lib/openssh/sftp-server
    Match Group sftp
        ChrootDirectory %h
        AllowTcpForwarding no
        X11Forwarding no
        ForceCommand /usr/lib/openssh/sftp-server

Restart OpenSSH:

    /etc/init.d/ssh restart

Remote access

From this point it is unclear what to do next. The tutorials mention using FileZilla, but not exactly how. I tried the following.

Attempt 1

    Host: 12.34.56.789 (public IP from EC2 Management Console)
    Username: thirdparty
    Password: abcd
    Port:
    --> Quickconnect

    Status: Connecting to 12.34.56.789:21...
    Error: Connection timed out after 20 seconds of inactivity
    Error: Could not connect to server

Attempt 2

    Host: 12.34.56.789 (public IP from EC2 Management Console)
    Username: thirdparty
    Password: abcd
    Port: 22
    --> Quickconnect

FileZilla warns about unknown host key. I click OK to trust the host and carry on connecting. I did not (yet) add the key to the cache.

    Status: Connecting to 12.34.56.789...
    Response: fzSftp started, protocol_version=2
    Command: open "thirdparty@12.34.56.789" 22
    Command: Trust new Hostkey: Once
    Error: Disconnected: No supported authentication methods available (server sent: publickey)
    Error: Could not connect to server

Can anyone point out what I should do next? Is this SSH-related, or AWS-specific (VPC-related)?

1
  • server logs should guide you about the reasons of the failures. Or searching around stackexchange sites. Commented Sep 22, 2015 at 16:17

1 Answer

1

Amazon EC2 has SSH password authentication disabled by default, and this is exactly what the message in your Attempt 2 case says. You need to either set up login with an SSH key for your user (good) or update /etc/sshd_config to enable password authentication (bad).
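
An added example (not part of the original answer, and not OpenSSH's own parser): a simplified Python evaluation of an sshd_config for one user, showing why the server in Attempt 2 advertises only `publickey`. The sample config is constructed from the question's settings plus a `PasswordAuthentication no` line assumed to represent the EC2 default the answer describes; the function names are hypothetical and only `User`, `Group` and `All` Match criteria with exact names are handled.

```python
# Added example: simplified sshd_config evaluation (not OpenSSH's own parser).
SAMPLE_CONFIG = """\
# Constructed sample: the question's settings plus the EC2 default the answer describes
PasswordAuthentication no
Subsystem sftp /usr/lib/openssh/sftp-server
Match Group sftp
    ChrootDirectory %h
    AllowTcpForwarding no
    X11Forwarding no
    ForceCommand /usr/lib/openssh/sftp-server
"""

# OpenSSH built-in defaults for the two keywords examined here
DEFAULTS = {"passwordauthentication": "yes", "pubkeyauthentication": "yes"}

def match_applies(criteria, user, groups):
    """Evaluate a Match line; only User, Group and All are supported (assumption)."""
    tokens = criteria.split()
    if [t.lower() for t in tokens] == ["all"]:
        return True
    if not tokens or len(tokens) % 2:
        return False
    for kind, names in zip(tokens[::2], tokens[1::2]):
        wanted = set(names.split(","))
        if kind.lower() == "user" and user in wanted:
            continue
        if kind.lower() == "group" and wanted & set(groups):
            continue
        return False  # criterion not met, or unsupported (Host, Address, ...)
    return True

def effective_settings(config_text, user, groups):
    """First value wins per section; matching Match blocks override the globals."""
    global_cfg, match_cfg = {}, {}
    target = global_cfg
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        key, _, value = line.replace("\t", " ").partition(" ")
        if key.lower() == "match":
            target = match_cfg if match_applies(value, user, groups) else None
        elif target is not None:
            target.setdefault(key.lower(), value.strip())
    return {**DEFAULTS, **global_cfg, **match_cfg}

def offered_auth_methods(config_text, user, groups):
    """Return the subset of publickey/password the server would advertise."""
    cfg = effective_settings(config_text, user, groups)
    pairs = (("publickey", "pubkeyauthentication"), ("password", "passwordauthentication"))
    return [method for method, key in pairs if cfg[key].lower() == "yes"]
```
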
