This post is more than 5 years old
18 Posts
0
22140
SFTP and SCP access on Isilon
I need to have SFTP and SCP access on our Isilon. I had enabled FTP and am able to connect via SFTP using the admin and root account (sftp admin@cyrrs620), but I want to have a user who does not have admin or root privileges, but can connect to the Isilon via sftp. I had read somewhere that SFTP access will be enabled for only Unix users (in general, not particularly for Isilon). What I want to know is:
1. Is there a way I can enable SFTP access for our AD users?
2. If no, how do I create a local user with limited privileges which will have SFTP and SCP access?
Till now I have tried creating a local user and adding it to the guest/ftp/ifs group in file provider, but its not working.
christopher_ime
2K Posts
1
July 20th, 2013 07:00
Can I assume you are running OneFS v7.x?
If you are running v7.x, you will want to look into role-based access. Specifically for SFTP which as you know is FTP secured via an underlying SSH session, the user therefore needs to be assigned at a minimum the following privilege:
ISI_PRIV_LOGIN_SSH
With OneFS v7.x, privileges are assigned via (system and user-defined) roles. It should be enough to create a role with just that privilege and add the user (or group) to that role.
RBAC is covered in the Administration Guide for your version of OneFS (search for "Managing roles"):
https://support.emc.com/search/?resource=DOC_LIB&AlloftheseWrds=onefs%20administration%20guide&SearchWithin=true&adv=y
deykau
18 Posts
0
July 21st, 2013 08:00
Thanks Christopher, your information helped
. I have not tried with a domain user yet, but a local user is currently good enough for me. I am now looking for options to restrict the user from navigating up from its home directory. Will post if I need any help. Thanks again 
.
deykau
18 Posts
0
July 22nd, 2013 08:00
I am having issues restricting the user to its home folder. How can I do that?
Anonymous
5 Practitioner
5 Practitioner
•
274.2K Posts
1
July 22nd, 2013 22:00
Please see if the following document will help you achieve that.
1 Attachment
Restricting FTP users to their home directory.pdf
christopher_ime
2K Posts
0
July 26th, 2013 16:00
deykau,
Thanks for following up and letting us know of your progress.
In addition to the above, you may also want to refer to another KB article. I'll simply list them both (one of which isi_cat) already brought to your attention.
emc14001307: "Restricting FTP users to their home directory"
emc14000926: "Locking FTP users into their home folder with vsftp"
Anonymous
5 Practitioner
5 Practitioner
•
274.2K Posts
0
September 12th, 2013 09:00
Hi
If I want to set ten FTP users, each user i must do the operation as emc14001307?
thanks.
nandinisen
1 Message
0
December 11th, 2013 09:00
Can you please post the pdf of emc14000926: "Locking FTP users into their home folder with vsftp". I am unable to get to this KB.
Anonymous
5 Practitioner
5 Practitioner
•
274.2K Posts
1
December 11th, 2013 21:00
I only have the attachment: how to lock FTp users into a specific directory.
1 Attachment
How to lock FTP users into a specific directory.pdf
zerothehero
64 Posts
0
September 5th, 2019 07:00
Anyone got lucky restricting the user to its home dir when using SFTP? the guide mentioned below is only for FTP, not SFTP.
And is there also a way to use Active Directory Users for login to SSH and/or SFTP?
zerothehero
64 Posts
0
September 5th, 2019 07:00
I found this solution in the KB:
https://support.emc.com/kb/303899
Is this still valid for OneFS 8.x ?