sFTP not working

Discussion in 'General' started by WolfTongue, Oct 11, 2023.

  1. WolfTongue

    WolfTongue New Member

    Hi there,
    I installed ispconfig3 on a new virtual server and everything is working. Today I created a new sFTP user with a ed25519 public key. I tried everything but I cannot connect to it.
    What I tried till now:
    • recreation of keys - no changes
    • test the same keys every time with a new ssh user - working
    • disabled firewall (using the integrated firewall configuration which uses ufw)
    • with and without jailkit
    • also restarted the server
    System:
    • Ubuntu Server 22.04 (10/2023 up2date)
    • sftp/ssh user: all default except base folder: /var/www/clients/client1/web1/private/transfer
    • files and structure created, including ssh keys (verified, it copied the correct public key but it also contains other public keys I do not know right now)
    • private/public key is in ssh-ed25519 format (created keys on windows, ubuntu and using putty but none worked)

    My setup regarding ssh is key authentication only (no password). Has anyone an idea what could be wrong? Right now I am not able to find any logs which contain information why the login fails. The client only responds with "Permission denied (publickey)".
     
    Last edited: Oct 11, 2023
  2. Th0m

    Th0m ISPConfig Developer Staff Member ISPConfig Developer

    If you change the base folder, does that work?
     
  3. WolfTongue

    WolfTongue New Member

    Ah ok using the default path worked (/var/www/clients/client1/web1).
    For me I would like to choose another path to not let one user access all files and folders. Is this maybe buggy or not possible? Or do I just miss something?

    PS: thx a lot for your feedback :)

    (Small reminder: if you change the directory to another existing one, the existing one is renamed with suffix "_bak" - so if you think it deleted everything just move the folder back :cool:)
     
  4. ahrasis

    ahrasis Well-Known Member HowtoForge Supporter

    You mean failed to get into this "transfer" folder? I asked because it's not there by default. If there is, check its permission and owner.
     
  5. till

    till Super Moderator Staff Member ISPConfig Developer

    The purpose of the ssh users of the site is to give access to the website files so they can maintain the website, that's why they are always aliases of the main website user and share its UID. The users shall be able to have separate home folders though so they can store their own files there, but this is not meant to remove access to the website or change the root of the main website user. So this setting is not meant to remove website access. I guess we will have to see if there are any issues in the folder setting as you should be able to set a custom folder, maybe the .authorized_keys file gets placed in the wrong folder at the moment in that case.
     
  6. WolfTongue

    WolfTongue New Member

    Maybe I wrote it a bit confusingly:
    All I want is to add a new sftp user. If the user connects, it should not see the complete folder structure of the web user. That is why I changed the path to a folder created by hand inside the "private" subfolder. So basically what I did was:
    1. Have a working domain like client1 -> web1
    2. Inside the web user folder (e.g. /var/www/clients/client1/web1/) there is a "private" folder. Go there and create another folder like "transfer"
    3. Now create a sFTP user and on the options tab change the default folder (e.g. /var/www/clients/client1/web1) to /var/www/clients/client1/web1/private/transfer
    4. After ispconfig processed the task, there are files and folder structures in the given path, the user is in /etc/passwd, public key files are set and seem to be correct - so everything fine
    5. Test the user expecting that you land inside /var/www/clients/client1/web1/private/transfer (or the related "transfer" home folder) - but connection is not possible
    But maybe I am using it wrong
     
  7. ahrasis

    ahrasis Well-Known Member HowtoForge Supporter

    How?
    Did you check this?
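
One way to run the permission and owner check suggested in this thread, as an added example that is not code from any poster or from ISPConfig. It mirrors what sshd tests when StrictModes is enabled (the OpenSSH default): the home directory, `.ssh` and `authorized_keys` must be owned by the account's UID or by root and must not be group- or world-writable. The function name `check_key_path` is hypothetical, and GNU `stat` is assumed; the UID is compared numerically because the site's ssh users share the web user's UID.

```shell
#!/usr/bin/env bash
# Added example: report why sshd (StrictModes yes) would skip an
# authorized_keys file for an account with a custom home directory.

check_key_path() {
    # $1 = home directory of the ssh user
    # $2 = numeric UID of that user (from: id -u NAME)
    local home="$1" uid="$2" rc=0 p owner mode
    for p in "$home" "$home/.ssh" "$home/.ssh/authorized_keys"; do
        if [ ! -e "$p" ]; then
            echo "MISSING  $p"
            rc=1
            continue
        fi
        owner=$(stat -c '%u' "$p")   # numeric owner
        mode=$(stat -c '%a' "$p")    # octal mode, e.g. 755
        # Owner must be the account itself or root.
        if [ "$owner" != "$uid" ] && [ "$owner" != "0" ]; then
            echo "OWNER    $p is owned by uid $owner, expected $uid or 0"
            rc=1
        fi
        # 022 = group-write and other-write bits; neither may be set.
        if [ $(( 0$mode & 022 )) -ne 0 ]; then
            echo "MODE     $p has mode $mode (group/other writable)"
            rc=1
        fi
    done
    return $rc
}

# Stand-alone use: script.sh /path/to/home "$(id -u someuser)"
if [ "$#" -eq 2 ]; then
    check_key_path "$1" "$2"
fi
```

A non-zero return with no `MISSING` line points at ownership or mode; a `MISSING` line points at the key file not being where sshd looks for it.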
     
