Monday, March 26, 2012

Setting Default umask for SFTP on Ubuntu Server

Much as described in this blog post by Jeff Robbins, I have a situation where two sftp users in the same group are both uploading files to an Ubuntu 10.04 server using Dreamweaver. The issue is that by default the permissions are 755, so even though both users are in the same group, only the file owner has write permissions. Since the users need to be able to overwrite each other's files I needed a way to have the default permissions be 775.

What is outlined in the blog post above is exactly what I was after, but for some reason on Ubuntu server if you use what is the final edit in that post:

Subsystem sftp /usr/lib/openssh/sftp-server -u 0002

That results in "Connection closed" messages when you try to log in. The solution above that one works, just note the minor modification of pointing to /usr/lib/... instead of /usr/libexec/...

Subsystem sftp /bin/sh -cumask 0002; /usr/lib/openssh/sftp-server’

Restart ssh and you should be in business.

Thanks to Jeff for that very helpful blog post, and to Thad Meyer for pointing it out to me just last week (coincidentally enough).

1 comment:

Liviu Balan said...

Nice! If you want learn about umask in order to check the current user value, set temporary and default value, octal and symbolic representation, computing octal value you can take a look at Ubuntu Linux umask explained (video tutorial).