Delete A Directory Tree From SFTP Server

Hi,
I am looking for a simple shell script that allows for sftp to be run from the server to another server (Windows). I would like the script to be passed parameters suchas destination server, Id, password, Directory structure/folder name, file name etc...
Need some help to know how to start with and it would be great if someone help me with any sample sftp shell script

Is there an sftp package that can be used which is more flexible then the ssh internal ftp server. I have been tasked with providing an /srv/ftp/ directory which includes

mount -bind other_directory1 /srv/ftp/d1
mount -bind other_driectory2 /srv/ftp/q2

...etc

Since sftp via ssh demands that all directories be owned by root I have a problem. The 'other directories' are owned by different sets of groups. We have engineers who will have carte blanche access. I have another group 'manufacturing' who will need to be chrooted to /var/ftp/. They will need to see directories underneath /var/ftp/ and nothing else. We don't want them to be able to cd to any other part of the system. Manufacturing does not have any account on the machine. My last group sales has an account on the server. I have been able to chroot them to there home folder where they also have the same mount --binded directories. Management would like sales to be able to ftp as well as sftp with read only access to the sub directories under their home directory. It is allowable to have them sftp to /srv/ftp/ and ftp to /home/sale/. I would suppose that this may mean that I use a different tool to implement sftp rather then use ssh. Here are my setup files for ssh

Port 22
Protocol 2
HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_dsa_key
HostKey /etc/ssh/ssh_host_ecdsa_key
UsePrivilegeSeparation yes
KeyRegenerationInterval 3600
ServerKeyBits 1024
SyslogFacility AUTH
LogLevel INFO
LoginGraceTime 120
PermitRootLogin yes
StrictModes yes
UseDNS no
RSAAuthentication yes
PubkeyAuthentication yes
IgnoreRhosts yes
RhostsRSAAuthentication no
HostbasedAuthentication no
PermitEmptyPasswords no
ChallengeResponseAuthentication no
GSSAPIAuthentication yes
X11Forwarding yes
X11DisplayOffset 10
PrintMotd no
PrintLastLog yes
TCPKeepAlive yes
UseLogin yes
Banner /etc/issue.net
AcceptEnv LANG LC_*
Subsystem sftp /usr/lib/openssh/sftp-server
UsePAM no

Match group ftpgroup
ChrootDirectory /srv/ftp
X11Forwarding no
AllowTcpForwarding no
ForceCommand /usr/lib/openssh/sftp-server
PasswordAuthentication yes

Hey guys, I have rsync going to another remote server
it works good, however, lets say server A deleted a directory, server B wont sync up to it.

if I were to add a directory to Server A, then server B will add it as well. so server B is just not deleting stuff.

is there a proper rsync command i can use ?

would rsync -xzva --delete /src /dst delete everything and start the rsync from scratch? or is there another way to do this

Dear all,

This is long story cut short, with vsftp, if i set this parameters in the vsftp.conf file below

Code:

local_enable=YES
chroot_local_users=YES

I am able to login to the ftp account, see and list my home/user directory, and if i do a cd / or cd .. , i will still be chroot to my /home/user directory.

without, the need to chmod or or chown anything to my /home/user directory

=============================================

With openSSH, internal_sftp, even though I have set the sshd_conf to

Code:

Match user alankoh
X11Forwarding no
AllowTcpForwarding no
ForceCommand internal-sftp
ChrootDirectory /home/%u

I will need to change owner my /home/user directory to have root becomes it owner.
============================================

Q1) why this difference ? How does vsftp chroot without changing the /home/user folder ownership ?

Q2) i realize that openssh ChrootDirectory parameter causes my default login directory to be set as that of the parameter.
(e.g. if i set to "/whatever/xyz", i will be brought to that /whatever/xyz everytime i login to the sftp instead of my /home/user folder.

Why ? I thought that ChrootDirectory is just a security measure to specify the directory to go to in case the user cd to root (e.g. cd /), else not, i should still go to my /home/user folder everytime i login to sftp.

Regards,
Noob

I am using Suse 12 Enterprise.
I would like to use sftp and disable ftp.
Presently I am able to do both.
I stopped vsftpd.service.
Tried comment on ports 20 & 21 in /etc/services.
Stop FTP server using YAST.
Stopped xinetd tftp service using YAST.
Is it wise to turn this service off?
How do I display the status for sftp and ftp?
I am still able to ftp.
Where is the kill switch?

I have set up a SFTP which I can connect to, go to the right directory and read/write files to.

The full path is home/sftpuser/SFTP/Customer
The user "sftpuser" I am connecting with is in the group "ftpusers" which has read/write access.

That works fine.

Here is my sshd_config:
Code:

Match Group ftpusers ChrootDirectory /home/%u/
 ForceCommand internal-sftp
  AllowAgentForwarding no
  AllowTcpForwarding no
  X11Forwarding no

However, I made a samba share of the folder Customer, when I go to the IP adress on a Windows machine "\\10.0.0.1\" I can see the folder Customer, when entering it requests user/pass and afterwards gives an error: you have not the right permissions.

In Webmin:
Customer /home/sftpuser/SFTP/Customer Read/write to everyone

My smb.conf:
Code:

[global]
    syslog = 0
    log file = /var/log/samba/log.%m
    read raw = no
    write raw = no
    passdb backend = tdbsam
    workgroup = DOMAIN
    usershare allow guests = yes
    socket options = TCP_NODELAY
    pam password change = yes
    passwd program = /usr/bin/passwd %u
    unix password sync = yes
    obey pam restrictions = yes
    passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
    server role = standalone server
    server string = %h server (Samba, Ubuntu)
    max log size = 1000
    map to guest = bad user
    panic action = /usr/share/samba/panic-action %d
    dns proxy = no



[Customer]
    force create mode = 755
    browsable = yes
    public = yes
    path = /home/sftpuser/SFTP/Customer
    force directory mode = 755
    writeable = yes
    valid users = @ftpusers
    force group = ftpusers
    write list = @ftpusers

I have been struggling for 3 days and am totally out of ideas.

LS -L for the folder:
Code:

total 4
drwxrwx---+ 2 sftpuser ftpusers 4096 Apr  9 11:35 Customer

Ok so, i want to create a SFTP/FTP account, that has access to edit/delete/move/upload/download files inside its homefolder and to all the other files/folders that are inside the homefolder.
The account should not be able to go back from the homefolder, like if the home folder is /home/servers it cannot go back to /home..
And the account should not be able to login to SSH.
Please help me.. i need to get this working...
I'm using CentOS 6.6 64bit
I've followed multiple tutorials, none of them have worked.

in my RHEL 4 server , I want to know what ftp server is running but can't find it.

I tried "ps -ef |grep ftp" but no output , chkconfig --list |grep ftp also no output related to ftp , /etc/rc.d/init.d can't find ftp service , ftp localhost is not allow .

when use FileZilla to connect it , it is ok , the ftp should be running , I tried to use "ps -ef |grep ftp" , it pops the following output , would advise what ftp server is running in server ? thanks

Code:

edp 11027 11026  0 12:39 ?        00:00:00 tcsh -c /usr/libexec/openssh/sftp-server
edp 11037 11027  0 12:39 ?        00:00:00 /usr/libexec/openssh/sftp-server
user   11050  7747  0 12:48 pts/2    00:00:00 grep ftp

Ok so, i want to create a SFTP account, that has access to edit/delete/move/upload/download files inside its homefolder and to all the other files/folders that are inside the homefolder.
The account should not be able to go back from the homefolder, like if the home folder is /home/servers it cannot go back to /home..
And the account should not be able to login to SSH.

hi guys im a little confused

read privilege on a directory means i can list the contents
write means i can save,edit and delete files in that directory
but then it says execute is like a light switch,if its off (no execute) you will not be able to view items in the directory

so do you have to have rwx on a directory to be able to use it fully?
if you have rw- as the owner will you not be able to view or change
into subdirectories within that directory?