I just installed ISPConfig 3.0.5.2 on Debian 7 and no user can connect via SFTP. Shell users (all Jailed) are correct because they can connect via SSH. Using FileZilla SFTP I get: Connection closed by server with exut code 1 Using Bitvise Tunnelier SFTP I get: Opening new SFTP session Closing SFTP session. Using Bitvise Tunnelier SSH I can connect normally. Thanks for any help.
Please see here for instructions to enable sftp for jailed users: http://symka.blogspot.de/2013/05/jailkit-ispconfig-ubuntu-1204-sftp.html The guide is for ubuntu but it should work for debian 7 as well.
Sorry, not solved. I modified the file /etc/jailkit/jk_init.ini (I have no jk.init.ini) as described and restarted fail2ban (/etc/init.d/fail2ban restart) with no luck. I noticed that setting "Chroot shell" to "none" the accounts can connect but I need them to be jailed.
Have you tested with a newly created shell user? I think the changes do not apply to already existing users.
In /var/log/auth.log I can only see: Code: Jul 14 12:36:16 debian7 sshd[5601]: Accepted password for ngtest from 192.168.1.100 port 57656 ssh2 Jul 14 12:36:16 debian7 sshd[5601]: pam_unix(sshd:session): session opened for user ngtest by (uid=0) Jul 14 12:36:16 debian7 sshd[5603]: subsystem request for sftp by user ngtest Jul 14 12:36:16 debian7 jk_chrootsh[5608]: now entering jail /var/www/clients/client1/web2 for user ngtest (5005) with arguments -c /usr/lib/openssh/sftp-server Jul 14 12:36:16 debian7 sshd[5601]: pam_unix(sshd:session): session closed for user ngtest Any idea?
Yes, I tried both, to re-create existing users and also to create new users but without success. Now I tried to create a new client, a new website and a new shell user and this time it works. Thank you. Is there a way to fix the existing sites/user or I have to re-create them? Thank you very much.
I'm not exactly sure. You could try using the command line tool jk_cp Something like jk_cp -j /var/www/clients/clientX/webY/./home/userxyz /lib/x86_64-linux-gnu/libnsl.so.1 /lib/x86_64-linux-gnu/libnss*.so.2 Edit: maybe jk_update -j /var/www/clients/clientX/webY/./home/userxyz could work, too. I have not tried.