Pragma Systems Technical Forum
Back
Login
Register
Login
Register
Home
»
Community
»
Secure File Transfer (SFTP/SCP)
»
sftp access only; restrict users to their own folders; extensive...
sftp access only; restrict users to their own folders; extensive logging
Post Reply
Like
3
sftp access only; restrict users to their own folders; extensive...
View
Flat Ascending
Flat Descending
Threaded
Options
Subscribe to topic
Print This Topic
Goto Topics Forum
Author
Message
johndavis
johndavis
posted 14 Years Ago
ANSWER
Topic Details
Group: Forum Members
Posts: 1,
Visits: 4
Hello Pragma,
I am evaluating your Pragma FortressSSH softare and need to configure the SFTP server in the following way:
1. Need to have SFTP connectivity (no shell access) for multiple users
2. Need to restrict the users to their own folders
3. Need to have extensive logging capability
Please provide detailed instructions on how to do this.
Thanks in advance for your help.
-John Davis
Reply
Like
3
Technical Support Group...
Technical Support Group...
posted 14 Years Ago
ANSWER
Post Details
Group: Moderators
Posts: 136,
Visits: 639
Hi John,
Thanks for your interest in Pragma Systems software. Please follow the instructions below for Pragma FortressSSH SFTP configuration:
#1. Need to have SFTP connectivity (no shell access) for multiple users:
To turn off shell access (i.e. no ssh command line access), launch the "Local FortressSSH Configuration" dialog.
Under the "Access Control" option, de-select "Logon/Shell Access" and any other type of access that you would like to block. Make sure that "Allow SFTP Access" remains selected.
#2. Need to restrict the users to their own folders:
Launch the "Local FortressSSH Configuration" dialog. Under "SFTP Users", add all the users to whom you would like to provide sftp access. Then for each user that you added under "SFTP Users", select the user and then select the "virtual directory assignment" option. Click on the Add button and enter the Virtual Path (for example, "Test1Dir" - this name will be visible to the user). Under the File Path field, enter the path of the folder to which you would to restrict the user to (for example, C:\temp1). The user will neither be able to traverse the directories above this directory nor will be able to view the actual path to this directory.
Example:
Test1 user added under "SFTP Users" with a virtual Path of "Test1Dir" mapped to "C:\Temp1" will be restricted to the "Temp1" folder and all of its sub folders. This user's root directory will be displayed as "Test1Dir" but will not know that "Test1Dir" is actually "C:\Temp1".
#3. Need to have extensive logging capability
To enable extensive sftp logging, launch the "Local FortressSSH Configuration" dialog and click on the "SFTP Users" option. Select the "Detailed" option under the "Logging" drop-down menu. In the field labeled "Directory for Log Files", provide the path to the directory where sftp log files will be created.
Additionally, enable extensive logging under the Logging option of Local FortressSSH Sever Configuration by selecting all the necessary check boxes including "server operation logging" and setting the slider to the appropriate level. (The slider at "0" means no server operation logging will be generated. Therefore, the slider must be set at 1 or higher.)
Hope this helps. Feel free to email us at
support@pragmasys.com
or call us at 512-219-7270 if you have any questions.
Thank you,
Technical Support Group (TSG)
Pragma Systems, Inc.
Pragma Systems Technical Support
13809 Research Blvd, #675
Austin, TX 78750
http://www.pragmasys.com
Edited
14 Years Ago by
Technical Support Group (TSG)
Reply
Like
4
GO
Merge Selected
Merge into selected topic...
Merge into merge target...
Merge into a specific topic ID...
Open Merge
Post Reply
Like
3
Similar Topics
Post Quoted Reply
Reading This Topic
Login
Login
Remember Me
Reset Password
Resend Validation Email
Login
Explore
Messages
Mentions
Search