Solved: Re: New User to transfer files with WinSCP

scotty_p · ‎01-25-2008

I have an ESX 3.0.1 server and I have always transferred iso files to the host with WinSCP using the root user. I modified the sshd_config file to allow root login. I know this isn't the best practice, so I want to create a new user for transferring files. I created the user and gave him a password.

I can login to the ESX host from WinSCP, but I get an error when I try to transfer files.

What permissions do I need to give this new user?

Thanks,

Scott

ewannema · ‎01-25-2008

If the files you need to transfer will fit I would recommend tranferring them to your user's home directory and moving from there using the command line. You can do this without needing to modify permissions. You can apply permissions to the owner, group, or everyone associated with a file or directory. In ESX 3.5/VC 2.5 the datastore browser has been expanded to allow uploads. If you can wait for that upgrade it might be the easiest thing to do. Another option is to use Veeam FastSCP to tranfer files as root. Yet another option is to mount a NFS or SMB share and transfer files from there.

If you can not wait and want to use SCP then I would recommend creating a group and assign the group appropriate permission on a new "upload" directory. Then you can put any users you want to have access to this directory in that group.

Something like this where the directory location is on a disk with sufficient space

groupadd upload
usermod -G upload <username>
mkdir /vmfs/volumes/disk1/upload
chown root:upload /vmfs/volumes/disk1/upload
chmod 770 /vmfs/volumes/disk1/upload

Now you should be able to transfer files into the upload directory using SCP.

http://wannemacher.us

View solution in original post

AWo · ‎01-25-2008

You should check if you have a default folder set up in WinSCP. If this is one where the user has no or not enough permissions, you can either

a) change the folder in WinSCP to the users home dir "/home/

AWo

vExpert 2009/10/11 [:o]===[o:] [: ]o=o[ :] = Save forests! rent firewood! =

scotty_p · ‎01-25-2008

Thanks for the response.

I did a "chmod 777 /vmimages" and this let me transfer files into the directory.

Is there a way to use the chmod command to only allow the user I created rwx for the directory or can it only be done for everyone?

Thanks,

Scott

ewannema · ‎01-25-2008

If the files you need to transfer will fit I would recommend tranferring them to your user's home directory and moving from there using the command line. You can do this without needing to modify permissions. You can apply permissions to the owner, group, or everyone associated with a file or directory. In ESX 3.5/VC 2.5 the datastore browser has been expanded to allow uploads. If you can wait for that upgrade it might be the easiest thing to do. Another option is to use Veeam FastSCP to tranfer files as root. Yet another option is to mount a NFS or SMB share and transfer files from there.

If you can not wait and want to use SCP then I would recommend creating a group and assign the group appropriate permission on a new "upload" directory. Then you can put any users you want to have access to this directory in that group.

Something like this where the directory location is on a disk with sufficient space

groupadd upload
usermod -G upload <username>
mkdir /vmfs/volumes/disk1/upload
chown root:upload /vmfs/volumes/disk1/upload
chmod 770 /vmfs/volumes/disk1/upload

Now you should be able to transfer files into the upload directory using SCP.

http://wannemacher.us

java_cat33 · ‎01-25-2008

This won't help you with your error message - but have you tried the free tool from Veeam called Veeam Fast SCP? They say it is 6 times faster that standard SCP tools!! It's a really good tool worth looking into - and you can copy from datastore to datastore too.

scotty_p · ‎01-25-2008

Thanks for the options.

I think creating the smb share might be the easiest. I'll give that a try and see how it works out.

Thanks,

Scott

AWo · ‎01-25-2008

Setting permissions is always for "user - group - everybody"

so by using "chmod 777" you set "rwx rwx rwx" for "user - group - everyone"

To set rwx only for the user you have to set only the first three rights: "chmod 700 /vmimages" or "chmod u+rwx /vmimages"

How the numbers are calculated:

read (r) = 4

write (w) = 2

execute (x) = 1

If you want the user "rwx", the group "rx" and everyboby nothing you have to use "chmod 750 /vmimages" (user= 421=7 group=4+1=5 everybody=nothing=0)

AWo

vExpert 2009/10/11 [:o]===[o:] [: ]o=o[ :] = Save forests! rent firewood! =

scotty_p · ‎01-25-2008

Which user do those "User" rights apply to?

The user logged in? How do I get them to apply to a specific user?

Thanks.

AWo · ‎01-25-2008

Type "ll" or "ls -l" and you see something similar like this:

-rwx------ 1 awo users 25 2006-12-12 12:10 backup.txt

where (from left to right)

"-" is the type ("-" is a file, "d" is a directory, for example)

"rwx" are the rights for the user "awo"

"---" are the rights for the group "users"

"---" are the rights for world/everybody

"1" is the number of links (like windows shortcut) to this file

"awo" is the user

"users" is the group

"25" is the size in bytes

"2006-12-12 12:10" is the time the file was created (touched the last time)

"backup.txt" is the file/directory name

To give rights to a specific user/grouo you have to change them: chown .

See: http://en.wikipedia.org/wiki/Ls

AWo

Message was edited by: AWo

vExpert 2009/10/11 [:o]===[o:] [: ]o=o[ :] = Save forests! rent firewood! =

scotty_p · ‎01-25-2008

That makes sense. Thanks.

All

New User to transfer files with WinSCP