How to ssh transfer a directory from local to server (ssh passphrase)

nam1962 · February 27, 2022, 8:42am

Hi !
I want to add ninjafirewall pro to my install.
I applied the security hints (ssh with key & passphrase, change port)
I need to drop files on a newly created directory : /var/www/ninjafirewall
Well, I didn’t find the proper ssh command and filezilla fails as well…

Here what I tried from my local Manjaro terminal :

rsync -e 'ssh 56789' -r '/home/me/Téléchargements/ninja+' admin@xx.xxx.xx.xx:/var/www/ninjafirewall

What do I miss ?

nam1962 · March 6, 2022, 9:23am

I’m still stuck on this one.

And I cannot access this directory from Filezilla

tituspijean · March 6, 2022, 9:57am

Same issue as in your other thread, admin user does not have root access. Transfer the directory in /home/admin first, then move it and chown it via SSH.

nam1962 · March 6, 2022, 10:30am

Ok !
I’ used to Manjaro desktop, much less Debian server^^
Thank you for caring

jarod5001 · March 6, 2022, 1:36pm

Upload to nextcloud then mv source destination

nam1962 · March 6, 2022, 1:50pm

mv or rsync ?

carrabelloy · March 7, 2022, 12:56pm

Download backup via terminal where is the data located

how can i proceed here and find all the data to be able to download it. Can someone help me here, because I want to put everything on a new server. Unfortunately, it’s not possible via the desktop panel for admins. So I would be grateful for your help and support. Thank you very much

ljf · March 7, 2022, 3:02pm

@carrabelloy o_O You made 3 posts in 3 topics with the same question in 5 minutes. You should not do this, because you spent the time of contributors by doing this.
Personally, i stopped to answer you since several months and the day when i decide to review my opinion, i discover that mess! Don’t be surprised if you get less and less answers.

carrabelloy · March 7, 2022, 3:18pm

I’ll tell or write you something now. I contribute. But don’t know if you’re French or not. But which languages are used here? French or English. Where is German here? So that you can understand a lot better in the forum. I don’t see that. Maybe complain before you get too excited about a tweet. It would be better for all of us. Because not everyone can speak English. And my home is Germany and the German language. And it’s hard enough to deal with. Thank you and stay healthy and moan about other things than that.

jarod5001 · March 7, 2022, 8:46pm

you can also try
scp -r /local/directory admin@192.168.1.22:/var/www/ninjafirewall
of course replace “/local/directory” with your source directory and the “192.168.1.22” with the IP address of your server

nam1962 · March 10, 2022, 10:56am

Well, obviously harderned Yunohost is hard :

~]$ scp -P 12345 /home/me/Bureau/mystuff/favicons/fav.png admin@192.168.1.168:/usr/share/ssowat/portal/assets/themes/clouds
Debian GNU/Linux 11
Enter passphrase for key '/home/me/.ssh/id_rsa': 
scp: /usr/share/ssowat/portal/assets/themes/clouds/fav.png: Permission denied

Did I miss something ?

jarod5001 · March 10, 2022, 11:04am

May admin doesn’t have permission for that folder. If you try replacing admin by root?

nam1962 · March 10, 2022, 11:12am

root@192.168.0.168: Permission denied (publickey).
lost connection

Well, isn’t Yunohost forbidding root access ?
On ssh, I can only access root with su - once logged on admin

jarod5001 · March 10, 2022, 11:41am

scp -P 12345 /home/me/Bureau/mystuff/favicons/fav.png root@192.168.1.168:/usr/share/ssowat/portal/assets/themes/clouds

nam1962 · March 10, 2022, 12:04pm

Yes, exactly what got the permission denied !

I followed this for the setup : Security | Yunohost Documentation (but the API setup)

wbk · March 10, 2022, 12:39pm

As an aside, the obstacle you encounter is not Debian-specific, but is part of the security that Yunohost adds.

Besides restricting to the regular owner/group/others permissions, access control is enforced via ACL. Arch got a helpful text on their wiki

wbk · March 10, 2022, 12:52pm

I think you can work around it by adding your user’s key to root’s authorized_keys, but for the few times that you might need it, I would copy to a temporary location via SSH as admin, and then move (as root) to the right location.

Did you set up key access for your admin on Yunohost? From your desktop / laptop / telephone, connect to your Yunohost with

$ ssh-copy-id admin@your.yunohost

In case you do not have a public key file for your local user yet, create one first (on your local computer) :

$ ssh-keygen

It will pose some questions; you can just press enter for the defaults (a passphrase would give added security, but is often skipped).

After your key is added to admin’s authorized_key’s, you can login and copy securely and without providing a password with SHH and scp.

It should be easy now to transfer the files from your desktop to admin’s /home/admin-directory. After that, log in via SSH as admin, and sudo mv the files to the destination.

nam1962 · March 10, 2022, 5:00pm

Well, this is what I did well before (As I RTFM )

ssh-keygen
ssh-copy-id -i ~/.ssh/id_rsa.pub admin@123.45.67.890

And I have no issues to reach the admin neither to su - from there

The issue is with scp (That logs, but then is denied access to the path)

[Edit] Ha! ha! Fond the proper way and probably the why :

I did this :
sudo yunohost settings set security.ssh.password_authentication -v no and this must block everything.

Thus, I used almost @tituspijean 's solution :
Here for the favicons : dropped a favicon in admin directory, then :

rm /usr/share/ssowat/portal/assets/icons/* 
mv /home/admin/favicon/*  /usr/share/ssowat/portal/assets/icons/

I’ll check a little later with the move I wanted on my OP

jarod5001 · March 10, 2022, 9:32pm

So you copied the file from pc to /home/admin in the server then moved it to the location you wanted in the server.
What about running the scp command from the server? Does it work?

nam1962 · March 11, 2022, 7:33am

How would I have to amend the command to do this ?
If I run from the server, how do I tell that the first path is not on it ?