Steve Matzura
2024-08-24 18:20:01 UTC
The following is specific to Ubuntu 24.04. If it should go to a
Ubuntu-specific list, let me know and I'll find out how to make that
happen. For now though, ...
... I have a new Ubuntu 24.04 system which is a rebuild of a 20.04
system. On the old system, I had logins set to use username and
password, but the new system was installed by its provider with that
turned off, necessitating some fancy footwork with SSH keys and such.
The problem is also related to FTP, which I can't seem to get working. I
modified /etc/ssh/sshd_config by adding a section at the bottom for
"Match User" and also to indicate the subsystem being inet-ftp:
Subsystem ftp internal-sftp
If I ssh into the ubuntu account, it works. If I try to FTP into any
account, I get a pretty meaningless error in the FTP log stating it is
unable to connect to the server, so I tried simply ssh'ing into itself
from itself. I got "permission denied publicly" for my troubles. ;-)
Some Internet searching didn't turn up much of help. I looked in
/var/log/auth.log, thinking I'd find something from myself to myself,
but other than lines and lines of probing from random addresses to the
root account and other such things, nothing from me to me at all.
If I could debug this thing, I could fix it. So then, my question is
either (a) how should I set up a Ubuntu user to accept inbound FTP if
PasswordAuthentication is No, or (b) what is the proper way of changing
from PKI access to password authentication access? I tried setting
PasswordAuthentication to Yes, but that didn't change anything, so there
must be something else not obvious when looking through sshd_config.
Personally, I'd like to keep access restricted to those holding SSH
keys, but if that doesn't work for FTP, then I'll have to go to password
authentication like on the old system.
Thanks in advance.
Ubuntu-specific list, let me know and I'll find out how to make that
happen. For now though, ...
... I have a new Ubuntu 24.04 system which is a rebuild of a 20.04
system. On the old system, I had logins set to use username and
password, but the new system was installed by its provider with that
turned off, necessitating some fancy footwork with SSH keys and such.
The problem is also related to FTP, which I can't seem to get working. I
modified /etc/ssh/sshd_config by adding a section at the bottom for
"Match User" and also to indicate the subsystem being inet-ftp:
Subsystem ftp internal-sftp
If I ssh into the ubuntu account, it works. If I try to FTP into any
account, I get a pretty meaningless error in the FTP log stating it is
unable to connect to the server, so I tried simply ssh'ing into itself
from itself. I got "permission denied publicly" for my troubles. ;-)
Some Internet searching didn't turn up much of help. I looked in
/var/log/auth.log, thinking I'd find something from myself to myself,
but other than lines and lines of probing from random addresses to the
root account and other such things, nothing from me to me at all.
If I could debug this thing, I could fix it. So then, my question is
either (a) how should I set up a Ubuntu user to accept inbound FTP if
PasswordAuthentication is No, or (b) what is the proper way of changing
from PKI access to password authentication access? I tried setting
PasswordAuthentication to Yes, but that didn't change anything, so there
must be something else not obvious when looking through sshd_config.
Personally, I'd like to keep access restricted to those holding SSH
keys, but if that doesn't work for FTP, then I'll have to go to password
authentication like on the old system.
Thanks in advance.