Setting up SFTP to log in to server with Filezilla
up vote
2
down vote
favorite
I have an ec2 instance on AWS which already installed a few Wordpress-es in it. I want to set things up to let more people handle their own projects, with me also being able to go into the server using terminal if I still want to.
I have been following tutorials such as
How to setup a restricted SFTP server on Ubuntu? and a few others. I figured all of them just teach users how to sftp
into their own home folder, also the steps keep saying addUser
but some users already existed and removing them might cause some issue.
How can I give existing users the permission to use SFTP for Wordpress projects?
Let's say all my Wordpress projects are already under /var/www/
which has already been set up with www-data:www-data
.
Really new with setting things like this.
Thanks in advance for any help.
command-line server permissions sftp wordpress
add a comment |
up vote
2
down vote
favorite
I have an ec2 instance on AWS which already installed a few Wordpress-es in it. I want to set things up to let more people handle their own projects, with me also being able to go into the server using terminal if I still want to.
I have been following tutorials such as
How to setup a restricted SFTP server on Ubuntu? and a few others. I figured all of them just teach users how to sftp
into their own home folder, also the steps keep saying addUser
but some users already existed and removing them might cause some issue.
How can I give existing users the permission to use SFTP for Wordpress projects?
Let's say all my Wordpress projects are already under /var/www/
which has already been set up with www-data:www-data
.
Really new with setting things like this.
Thanks in advance for any help.
command-line server permissions sftp wordpress
1
@pa4080 Your answer is quite lengthy and confusing, wouldn't it just be easier to show Op how to set up SSH and Give their users public keys?
– EODCraft Staff
Apr 12 at 9:26
@EODCraftStaff the question is not about that. I'm assuming this is already achieved: I figured all of them just teaches how to sftp into their own home folder... The answer contains about 7 sentences.
– pa4080
Apr 12 at 9:31
add a comment |
up vote
2
down vote
favorite
up vote
2
down vote
favorite
I have an ec2 instance on AWS which already installed a few Wordpress-es in it. I want to set things up to let more people handle their own projects, with me also being able to go into the server using terminal if I still want to.
I have been following tutorials such as
How to setup a restricted SFTP server on Ubuntu? and a few others. I figured all of them just teach users how to sftp
into their own home folder, also the steps keep saying addUser
but some users already existed and removing them might cause some issue.
How can I give existing users the permission to use SFTP for Wordpress projects?
Let's say all my Wordpress projects are already under /var/www/
which has already been set up with www-data:www-data
.
Really new with setting things like this.
Thanks in advance for any help.
command-line server permissions sftp wordpress
I have an ec2 instance on AWS which already installed a few Wordpress-es in it. I want to set things up to let more people handle their own projects, with me also being able to go into the server using terminal if I still want to.
I have been following tutorials such as
How to setup a restricted SFTP server on Ubuntu? and a few others. I figured all of them just teach users how to sftp
into their own home folder, also the steps keep saying addUser
but some users already existed and removing them might cause some issue.
How can I give existing users the permission to use SFTP for Wordpress projects?
Let's say all my Wordpress projects are already under /var/www/
which has already been set up with www-data:www-data
.
Really new with setting things like this.
Thanks in advance for any help.
command-line server permissions sftp wordpress
command-line server permissions sftp wordpress
edited Nov 19 at 17:09
Zanna
48.9k13123234
48.9k13123234
asked Apr 12 at 0:49
Dora
190216
190216
1
@pa4080 Your answer is quite lengthy and confusing, wouldn't it just be easier to show Op how to set up SSH and Give their users public keys?
– EODCraft Staff
Apr 12 at 9:26
@EODCraftStaff the question is not about that. I'm assuming this is already achieved: I figured all of them just teaches how to sftp into their own home folder... The answer contains about 7 sentences.
– pa4080
Apr 12 at 9:31
add a comment |
1
@pa4080 Your answer is quite lengthy and confusing, wouldn't it just be easier to show Op how to set up SSH and Give their users public keys?
– EODCraft Staff
Apr 12 at 9:26
@EODCraftStaff the question is not about that. I'm assuming this is already achieved: I figured all of them just teaches how to sftp into their own home folder... The answer contains about 7 sentences.
– pa4080
Apr 12 at 9:31
1
1
@pa4080 Your answer is quite lengthy and confusing, wouldn't it just be easier to show Op how to set up SSH and Give their users public keys?
– EODCraft Staff
Apr 12 at 9:26
@pa4080 Your answer is quite lengthy and confusing, wouldn't it just be easier to show Op how to set up SSH and Give their users public keys?
– EODCraft Staff
Apr 12 at 9:26
@EODCraftStaff the question is not about that. I'm assuming this is already achieved: I figured all of them just teaches how to sftp into their own home folder... The answer contains about 7 sentences.
– pa4080
Apr 12 at 9:31
@EODCraftStaff the question is not about that. I'm assuming this is already achieved: I figured all of them just teaches how to sftp into their own home folder... The answer contains about 7 sentences.
– pa4080
Apr 12 at 9:31
add a comment |
1 Answer
1
active
oldest
votes
up vote
2
down vote
accepted
Here I'm assuming you are able to ssh/sftp to your user's home directory successfully and you want to edit (with your user) files and folders under /var/www
that are owned by user
and :group
- www-data:www-data
(without changing their ownership).
Here I'm assuming also the topic How to avoid using sudo when working in /var/www? doesn't cover you needs. For example you don't want to change the permissions under /var/www
.
I think the most easiest and clear way to solve this task is to mount /var/www
(or certain directory inside) into your user's home directory and change the owner to your user and :group. This could be achieved by the tool bindfs
:
sudo apt update && sudo apt install bindfs
Here we will mount the entire directory /var/www
in a directory called also www/
and located in your user's home directory.
mkdir "$HOME/www"
sudo bindfs -u $(id -u) -g $(id -g) --create-for-user=www-data --create-for-group=www-data /var/www "$HOME/www"
The command substitutions
$(id -u)
and$(id -g)
will return the UID and GID of the current user.If you want to execute the above command for another user use
$(id -u <user>)
and$(id -g <user>)
. Where<user>
is an actual username.For more details about the arguments used with
bindfs
read its manual page -man bindfs
.
If you want to un-mount
~/www
($HOME/www
) use the command:
sudo fusermount -u ~/www
To mount /var/www
in ~/www
automatically during the system startup add the following line into the bottom of /etc/fstab
:
bindfs#/var/www /home/<user>/www fuse force-user=<uid>,force-group=<gid>,create-for-user=www-data,create-for-group=www-data 0 0
Note: you should replace<user>
with the actual username; also should replace<uid>
and<gid>
with the actual UID and GID of the<user>
, you can find them by the commands:id -u <user>
andid -u <user>
.
To see the result reboot the system or execute:
sudo mount -a # maybe you should execute `sudo fusermount -u ~/www` first
Here is animated demo how this works:
Update:
The only limitation of this approach that I found is when you change the ownership of the bind directory this will change the ownership also for the source directory. For example the next command is not a good idea:
chown -R $(id -u):$(id -g) $HOME/www
Maybe there is a suitable option for the bindfs
command that will prevent this to happen, but I can't tell that at the moment.
I believe I am understanding the logic and so on but, let's say if I am setting this up for another user? I tried replacing$USER
with another user's name but gives me something like thisNot a valid group ID:
– Dora
Apr 12 at 18:35
the user's name does exist though, I am able to usefilezilla
to sftp in with the username and password
– Dora
Apr 12 at 18:36
Hi, @Dora, use the commandid filezilla
to fin to which group the userfilezilla
belongs to. Then use this group where it is needed. If you want post the output ofid filezilla
, maybe I could help.
– pa4080
Apr 12 at 18:48
1
oh oops byfilezilla
I meant the ftp software with gui. anyways I usedid username
as you mentioned and this is the outcomeuid=1002(username) gid=1002(ftpaccess) groups=1002(ftpaccess),33(www-data)
– Dora
Apr 12 at 18:51
@Dora: have you read this great topic: How to avoid using sudo when working in /var/www? ... The approach that I proposed here is different, but in this way you will be able to manipulate with the files more fluently.
– pa4080
Apr 12 at 18:59
|
show 4 more comments
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
up vote
2
down vote
accepted
Here I'm assuming you are able to ssh/sftp to your user's home directory successfully and you want to edit (with your user) files and folders under /var/www
that are owned by user
and :group
- www-data:www-data
(without changing their ownership).
Here I'm assuming also the topic How to avoid using sudo when working in /var/www? doesn't cover you needs. For example you don't want to change the permissions under /var/www
.
I think the most easiest and clear way to solve this task is to mount /var/www
(or certain directory inside) into your user's home directory and change the owner to your user and :group. This could be achieved by the tool bindfs
:
sudo apt update && sudo apt install bindfs
Here we will mount the entire directory /var/www
in a directory called also www/
and located in your user's home directory.
mkdir "$HOME/www"
sudo bindfs -u $(id -u) -g $(id -g) --create-for-user=www-data --create-for-group=www-data /var/www "$HOME/www"
The command substitutions
$(id -u)
and$(id -g)
will return the UID and GID of the current user.If you want to execute the above command for another user use
$(id -u <user>)
and$(id -g <user>)
. Where<user>
is an actual username.For more details about the arguments used with
bindfs
read its manual page -man bindfs
.
If you want to un-mount
~/www
($HOME/www
) use the command:
sudo fusermount -u ~/www
To mount /var/www
in ~/www
automatically during the system startup add the following line into the bottom of /etc/fstab
:
bindfs#/var/www /home/<user>/www fuse force-user=<uid>,force-group=<gid>,create-for-user=www-data,create-for-group=www-data 0 0
Note: you should replace<user>
with the actual username; also should replace<uid>
and<gid>
with the actual UID and GID of the<user>
, you can find them by the commands:id -u <user>
andid -u <user>
.
To see the result reboot the system or execute:
sudo mount -a # maybe you should execute `sudo fusermount -u ~/www` first
Here is animated demo how this works:
Update:
The only limitation of this approach that I found is when you change the ownership of the bind directory this will change the ownership also for the source directory. For example the next command is not a good idea:
chown -R $(id -u):$(id -g) $HOME/www
Maybe there is a suitable option for the bindfs
command that will prevent this to happen, but I can't tell that at the moment.
I believe I am understanding the logic and so on but, let's say if I am setting this up for another user? I tried replacing$USER
with another user's name but gives me something like thisNot a valid group ID:
– Dora
Apr 12 at 18:35
the user's name does exist though, I am able to usefilezilla
to sftp in with the username and password
– Dora
Apr 12 at 18:36
Hi, @Dora, use the commandid filezilla
to fin to which group the userfilezilla
belongs to. Then use this group where it is needed. If you want post the output ofid filezilla
, maybe I could help.
– pa4080
Apr 12 at 18:48
1
oh oops byfilezilla
I meant the ftp software with gui. anyways I usedid username
as you mentioned and this is the outcomeuid=1002(username) gid=1002(ftpaccess) groups=1002(ftpaccess),33(www-data)
– Dora
Apr 12 at 18:51
@Dora: have you read this great topic: How to avoid using sudo when working in /var/www? ... The approach that I proposed here is different, but in this way you will be able to manipulate with the files more fluently.
– pa4080
Apr 12 at 18:59
|
show 4 more comments
up vote
2
down vote
accepted
Here I'm assuming you are able to ssh/sftp to your user's home directory successfully and you want to edit (with your user) files and folders under /var/www
that are owned by user
and :group
- www-data:www-data
(without changing their ownership).
Here I'm assuming also the topic How to avoid using sudo when working in /var/www? doesn't cover you needs. For example you don't want to change the permissions under /var/www
.
I think the most easiest and clear way to solve this task is to mount /var/www
(or certain directory inside) into your user's home directory and change the owner to your user and :group. This could be achieved by the tool bindfs
:
sudo apt update && sudo apt install bindfs
Here we will mount the entire directory /var/www
in a directory called also www/
and located in your user's home directory.
mkdir "$HOME/www"
sudo bindfs -u $(id -u) -g $(id -g) --create-for-user=www-data --create-for-group=www-data /var/www "$HOME/www"
The command substitutions
$(id -u)
and$(id -g)
will return the UID and GID of the current user.If you want to execute the above command for another user use
$(id -u <user>)
and$(id -g <user>)
. Where<user>
is an actual username.For more details about the arguments used with
bindfs
read its manual page -man bindfs
.
If you want to un-mount
~/www
($HOME/www
) use the command:
sudo fusermount -u ~/www
To mount /var/www
in ~/www
automatically during the system startup add the following line into the bottom of /etc/fstab
:
bindfs#/var/www /home/<user>/www fuse force-user=<uid>,force-group=<gid>,create-for-user=www-data,create-for-group=www-data 0 0
Note: you should replace<user>
with the actual username; also should replace<uid>
and<gid>
with the actual UID and GID of the<user>
, you can find them by the commands:id -u <user>
andid -u <user>
.
To see the result reboot the system or execute:
sudo mount -a # maybe you should execute `sudo fusermount -u ~/www` first
Here is animated demo how this works:
Update:
The only limitation of this approach that I found is when you change the ownership of the bind directory this will change the ownership also for the source directory. For example the next command is not a good idea:
chown -R $(id -u):$(id -g) $HOME/www
Maybe there is a suitable option for the bindfs
command that will prevent this to happen, but I can't tell that at the moment.
I believe I am understanding the logic and so on but, let's say if I am setting this up for another user? I tried replacing$USER
with another user's name but gives me something like thisNot a valid group ID:
– Dora
Apr 12 at 18:35
the user's name does exist though, I am able to usefilezilla
to sftp in with the username and password
– Dora
Apr 12 at 18:36
Hi, @Dora, use the commandid filezilla
to fin to which group the userfilezilla
belongs to. Then use this group where it is needed. If you want post the output ofid filezilla
, maybe I could help.
– pa4080
Apr 12 at 18:48
1
oh oops byfilezilla
I meant the ftp software with gui. anyways I usedid username
as you mentioned and this is the outcomeuid=1002(username) gid=1002(ftpaccess) groups=1002(ftpaccess),33(www-data)
– Dora
Apr 12 at 18:51
@Dora: have you read this great topic: How to avoid using sudo when working in /var/www? ... The approach that I proposed here is different, but in this way you will be able to manipulate with the files more fluently.
– pa4080
Apr 12 at 18:59
|
show 4 more comments
up vote
2
down vote
accepted
up vote
2
down vote
accepted
Here I'm assuming you are able to ssh/sftp to your user's home directory successfully and you want to edit (with your user) files and folders under /var/www
that are owned by user
and :group
- www-data:www-data
(without changing their ownership).
Here I'm assuming also the topic How to avoid using sudo when working in /var/www? doesn't cover you needs. For example you don't want to change the permissions under /var/www
.
I think the most easiest and clear way to solve this task is to mount /var/www
(or certain directory inside) into your user's home directory and change the owner to your user and :group. This could be achieved by the tool bindfs
:
sudo apt update && sudo apt install bindfs
Here we will mount the entire directory /var/www
in a directory called also www/
and located in your user's home directory.
mkdir "$HOME/www"
sudo bindfs -u $(id -u) -g $(id -g) --create-for-user=www-data --create-for-group=www-data /var/www "$HOME/www"
The command substitutions
$(id -u)
and$(id -g)
will return the UID and GID of the current user.If you want to execute the above command for another user use
$(id -u <user>)
and$(id -g <user>)
. Where<user>
is an actual username.For more details about the arguments used with
bindfs
read its manual page -man bindfs
.
If you want to un-mount
~/www
($HOME/www
) use the command:
sudo fusermount -u ~/www
To mount /var/www
in ~/www
automatically during the system startup add the following line into the bottom of /etc/fstab
:
bindfs#/var/www /home/<user>/www fuse force-user=<uid>,force-group=<gid>,create-for-user=www-data,create-for-group=www-data 0 0
Note: you should replace<user>
with the actual username; also should replace<uid>
and<gid>
with the actual UID and GID of the<user>
, you can find them by the commands:id -u <user>
andid -u <user>
.
To see the result reboot the system or execute:
sudo mount -a # maybe you should execute `sudo fusermount -u ~/www` first
Here is animated demo how this works:
Update:
The only limitation of this approach that I found is when you change the ownership of the bind directory this will change the ownership also for the source directory. For example the next command is not a good idea:
chown -R $(id -u):$(id -g) $HOME/www
Maybe there is a suitable option for the bindfs
command that will prevent this to happen, but I can't tell that at the moment.
Here I'm assuming you are able to ssh/sftp to your user's home directory successfully and you want to edit (with your user) files and folders under /var/www
that are owned by user
and :group
- www-data:www-data
(without changing their ownership).
Here I'm assuming also the topic How to avoid using sudo when working in /var/www? doesn't cover you needs. For example you don't want to change the permissions under /var/www
.
I think the most easiest and clear way to solve this task is to mount /var/www
(or certain directory inside) into your user's home directory and change the owner to your user and :group. This could be achieved by the tool bindfs
:
sudo apt update && sudo apt install bindfs
Here we will mount the entire directory /var/www
in a directory called also www/
and located in your user's home directory.
mkdir "$HOME/www"
sudo bindfs -u $(id -u) -g $(id -g) --create-for-user=www-data --create-for-group=www-data /var/www "$HOME/www"
The command substitutions
$(id -u)
and$(id -g)
will return the UID and GID of the current user.If you want to execute the above command for another user use
$(id -u <user>)
and$(id -g <user>)
. Where<user>
is an actual username.For more details about the arguments used with
bindfs
read its manual page -man bindfs
.
If you want to un-mount
~/www
($HOME/www
) use the command:
sudo fusermount -u ~/www
To mount /var/www
in ~/www
automatically during the system startup add the following line into the bottom of /etc/fstab
:
bindfs#/var/www /home/<user>/www fuse force-user=<uid>,force-group=<gid>,create-for-user=www-data,create-for-group=www-data 0 0
Note: you should replace<user>
with the actual username; also should replace<uid>
and<gid>
with the actual UID and GID of the<user>
, you can find them by the commands:id -u <user>
andid -u <user>
.
To see the result reboot the system or execute:
sudo mount -a # maybe you should execute `sudo fusermount -u ~/www` first
Here is animated demo how this works:
Update:
The only limitation of this approach that I found is when you change the ownership of the bind directory this will change the ownership also for the source directory. For example the next command is not a good idea:
chown -R $(id -u):$(id -g) $HOME/www
Maybe there is a suitable option for the bindfs
command that will prevent this to happen, but I can't tell that at the moment.
edited Nov 18 at 10:46
answered Apr 12 at 9:16
pa4080
12.9k52460
12.9k52460
I believe I am understanding the logic and so on but, let's say if I am setting this up for another user? I tried replacing$USER
with another user's name but gives me something like thisNot a valid group ID:
– Dora
Apr 12 at 18:35
the user's name does exist though, I am able to usefilezilla
to sftp in with the username and password
– Dora
Apr 12 at 18:36
Hi, @Dora, use the commandid filezilla
to fin to which group the userfilezilla
belongs to. Then use this group where it is needed. If you want post the output ofid filezilla
, maybe I could help.
– pa4080
Apr 12 at 18:48
1
oh oops byfilezilla
I meant the ftp software with gui. anyways I usedid username
as you mentioned and this is the outcomeuid=1002(username) gid=1002(ftpaccess) groups=1002(ftpaccess),33(www-data)
– Dora
Apr 12 at 18:51
@Dora: have you read this great topic: How to avoid using sudo when working in /var/www? ... The approach that I proposed here is different, but in this way you will be able to manipulate with the files more fluently.
– pa4080
Apr 12 at 18:59
|
show 4 more comments
I believe I am understanding the logic and so on but, let's say if I am setting this up for another user? I tried replacing$USER
with another user's name but gives me something like thisNot a valid group ID:
– Dora
Apr 12 at 18:35
the user's name does exist though, I am able to usefilezilla
to sftp in with the username and password
– Dora
Apr 12 at 18:36
Hi, @Dora, use the commandid filezilla
to fin to which group the userfilezilla
belongs to. Then use this group where it is needed. If you want post the output ofid filezilla
, maybe I could help.
– pa4080
Apr 12 at 18:48
1
oh oops byfilezilla
I meant the ftp software with gui. anyways I usedid username
as you mentioned and this is the outcomeuid=1002(username) gid=1002(ftpaccess) groups=1002(ftpaccess),33(www-data)
– Dora
Apr 12 at 18:51
@Dora: have you read this great topic: How to avoid using sudo when working in /var/www? ... The approach that I proposed here is different, but in this way you will be able to manipulate with the files more fluently.
– pa4080
Apr 12 at 18:59
I believe I am understanding the logic and so on but, let's say if I am setting this up for another user? I tried replacing
$USER
with another user's name but gives me something like this Not a valid group ID:
– Dora
Apr 12 at 18:35
I believe I am understanding the logic and so on but, let's say if I am setting this up for another user? I tried replacing
$USER
with another user's name but gives me something like this Not a valid group ID:
– Dora
Apr 12 at 18:35
the user's name does exist though, I am able to use
filezilla
to sftp in with the username and password– Dora
Apr 12 at 18:36
the user's name does exist though, I am able to use
filezilla
to sftp in with the username and password– Dora
Apr 12 at 18:36
Hi, @Dora, use the command
id filezilla
to fin to which group the user filezilla
belongs to. Then use this group where it is needed. If you want post the output of id filezilla
, maybe I could help.– pa4080
Apr 12 at 18:48
Hi, @Dora, use the command
id filezilla
to fin to which group the user filezilla
belongs to. Then use this group where it is needed. If you want post the output of id filezilla
, maybe I could help.– pa4080
Apr 12 at 18:48
1
1
oh oops by
filezilla
I meant the ftp software with gui. anyways I used id username
as you mentioned and this is the outcome uid=1002(username) gid=1002(ftpaccess) groups=1002(ftpaccess),33(www-data)
– Dora
Apr 12 at 18:51
oh oops by
filezilla
I meant the ftp software with gui. anyways I used id username
as you mentioned and this is the outcome uid=1002(username) gid=1002(ftpaccess) groups=1002(ftpaccess),33(www-data)
– Dora
Apr 12 at 18:51
@Dora: have you read this great topic: How to avoid using sudo when working in /var/www? ... The approach that I proposed here is different, but in this way you will be able to manipulate with the files more fluently.
– pa4080
Apr 12 at 18:59
@Dora: have you read this great topic: How to avoid using sudo when working in /var/www? ... The approach that I proposed here is different, but in this way you will be able to manipulate with the files more fluently.
– pa4080
Apr 12 at 18:59
|
show 4 more comments
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f1024194%2fsetting-up-sftp-to-log-in-to-server-with-filezilla%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
1
@pa4080 Your answer is quite lengthy and confusing, wouldn't it just be easier to show Op how to set up SSH and Give their users public keys?
– EODCraft Staff
Apr 12 at 9:26
@EODCraftStaff the question is not about that. I'm assuming this is already achieved: I figured all of them just teaches how to sftp into their own home folder... The answer contains about 7 sentences.
– pa4080
Apr 12 at 9:31