- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- Re: File Permission Issue After SFTP
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-20-2009 02:29 AM
тАО05-20-2009 02:29 AM
File Permission Issue After SFTP
HP-UX 11.31
I have the following scenario:
Server A
- Database Server.
User XXX
- SFTP from PC to DB Server A with account XXX and group YYY.
Group YYY
- Group YYY is DBA group.
When user SFTP from local PC to DB Server A folder, the file permission assigned is 644 as shown below:
-rw-r--r-- xxx yyy filename
Previously, while the ftpd still enabled, I have the following umask for the ftpd as shown below:
ftp stream tcp6 nowait root /usr/lbin/ftpd ftpd -u 002
Since now I need to implement SFTP, I have disabled the ftpd line in /etc/inetd.conf.
How can I SFTP to the DB Server A using XXX:YYY with the file permission assigned as 664 instead of 644 after SFTP?
Thank you very much.
Regards,
SSL
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-20-2009 02:38 AM
тАО05-20-2009 02:38 AM
Re: File Permission Issue After SFTP
Now what is the permission showing after sftp to your server?
Suraj
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-20-2009 03:21 AM
тАО05-20-2009 03:21 AM
Re: File Permission Issue After SFTP
HPUX 11.31 should be running SSH Version A.05.xxx
Check the options in /opt/ssh/etc/sshd_config
#SftpUmask
#SftpPermitChmod yes
#SftpPermitChown yes
Thanks,
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-20-2009 06:58 AM
тАО05-20-2009 06:58 AM
Re: File Permission Issue After SFTP
The permission is now 644 after SFTP to server.
Hi Ganesh,
I am using HP-UX Secure Shell A.04.70.023.
About the file that you asked me to check, I can't see any of those info in the file.
Kindly see attached file.
Thanks guys.
Regards,
SSL
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-20-2009 07:32 AM
тАО05-20-2009 07:32 AM
Re: File Permission Issue After SFTP
run ssh -v and see if you've support for Sftpfilecontrol patch.
Check this link: http://docs.hp.com/en/T1471-90032/T1471-90032.pdf (Support for the Sftpfilecontrol Patch)
If ssh -v outputs Sftpfilecontrol then I think you should be able to enable the above mentioned options.
p.s. I hate to say, currently I don't have test server to check it.
Thanks,
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-20-2009 05:54 PM
тАО05-20-2009 05:54 PM
Re: File Permission Issue After SFTP
The following is the output from ssh -v:
# ssh -v
OpenSSH_4.7p1+sftpfilecontrol-v1.2-hpn12v17, OpenSSL 0.9.7m 23 Feb 2007
HP-UX Secure Shell-A.04.70.023, HP-UX Secure Shell version
I can't enable the /opt/ssh/etc/sshd_config with the following options because there is no such option inside the file unless I add them in manually. Can I do that ? If yes, for document internal documentation wise, which section should I add them in the sshd_config file ?
#SftpUmask
#SftpPermitChmod yes
#SftpPermitChown yes
Thanks.
Regards,
SSL
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-20-2009 07:51 PM
тАО05-20-2009 07:51 PM
Re: File Permission Issue After SFTP
I found out from a site that asked me to put in the following in the /opt/ssh/etc/sshd_config file.
# sftp-server umask control
SftpUmask 002
After that restart the secure shell service:
/sbin/init.d/secsh stop
/sbin/init.d/secsh start
From security point of view, is it fine to enable sftpumask 002 ?
Thanks.
Regards,
SSL
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-20-2009 08:36 PM
тАО05-20-2009 08:36 PM
Re: File Permission Issue After SFTP
what is the umask set at .profile?
edit umask value in .profile and check
>>How can I SFTP to the DB Server A using XXX:YYY with the file permission assigned as 664 instead of 644 after SFTP?
put umask 133 at your .profile and check
Suraj
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-20-2009 10:20 PM
тАО05-20-2009 10:20 PM
Re: File Permission Issue After SFTP
Is the provided solution working for you?
>>>>From security point of view, is it fine to enable sftpumask 002 ?
This question should only be evaluated by you, You had a question to have certain permission on the files after sftp :-)
>>>>put umask 133 at your .profile and check
No, Follow the sftp log file and you'll find that sftp checks the file creation time and sets the umask.
p.s. Please assign points if solution works :-)
Cheers!!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-22-2009 01:49 AM
тАО05-22-2009 01:49 AM
Re: File Permission Issue After SFTP
I choose to go for the following:
Added the following to my /opt/ssh/etc/sshd_config file.
# sftp-server umask control
SftpUmask 002
Thanks anyway guys.
Regards,
SSL