How do I effectively use WinSCP on my GoDaddy Dedicated Hosting

Question

After being told that Virtual Private Servers would not fit the scope of my project, I have timidly entered the world of dedicated hosting. Unfortunately, this is forcing me how to learn the basics of being a Linux server admin.

GoDaddy has a master account for the server. When you use SSH, they want you to use "su" to switch to the root user. Thus far, I have been able to do everything I have needed to thus far via the command line as this root user.

However, now I need to upload files to my server. I'm used to using WinSCP to upload files. I can use my general server account to view the files but when I try to drag or create files its says that I cannot because I do not have permission to do so.

I have researched the WinSCP documentation and it seems that this "su" function is beyond the scope of the program.

How am I to grant myself access to upload these files using SSH?

Should I create a user with the proper permissions? I'm happy to do this but thus far I have not been able to make sense of what I have found online.

I'm going to try and move forward but any help and/or insight is appreciated.

score 1 · Answer 1 · answered Dec 23 '10 at 17:37

1

You can run su within WinSCP, but it's not very intuitive to figure out how.

In the connection settings, under Environment/SCP/Shell, look for the top item, called "Shell" in that box, type su -... or any command you wish. Normally, this is used to choose which shell will run - but when you just put a command like su - there, it will instead begin a shell session as root, using root's profile (the - option), so the default shell for root will run.

answered Dec 23 '10 at 17:37

Andrew Barber

1,089
12
23

This sounds promising. I agree it is not clear how you would go about doing it. I would type "su root" assuming root was the user I wanted to switch to? – Scott Dec 23 '10 at 17:41
`root` is the default user that `su` switches you to, so you don't need to specify it. (though you can, if you like). The dash option might be important in this case, also, since no shell is being defined otherwise. Not 100% sure on that (I always use `su -` out of habit). – Andrew Barber Dec 23 '10 at 17:43
OK, I was trying to figure out if that "-" was a space holder or an actual dash. – Scott Dec 23 '10 at 17:54
Oh, yes, I always forget about that! The dash is a literal argument to `su` which causes it to load the shell environment for the user you are switching to... things like the PATH and such, for example. – Andrew Barber Dec 23 '10 at 17:59
Thus far it seems to be ignoring it. I did find the spot where you said to enter the command and I typed "su -" and then connected as normnal. I don't get any error message either. – Scott Dec 23 '10 at 19:08
Does the server have `sudo` and is your regular account in the `sudoers` file? If so, you may need to use `sudo su -` instead, which would avoid needing a password. It occurs to me that WinSCP probably have no way to prompt you for the password for `su -` in that context! – Andrew Barber Dec 23 '10 at 19:11
OK, so I have typed both of these in as commands in the shell portion. Unfortunately, I get the same result. I don't know anything about the sodoers file and will have to research it. I guess for this to work I would need to pass a single command that said to switch the user and supply the password? I guess this wouldn't be very secure b/c it would be plain text... This is quite challenging! – Scott Dec 23 '10 at 19:46
Sorry 'bout that... I've only ever used my own Linux boxes, so the possible limitations of this solution weren't on my mind :( – Andrew Barber Dec 23 '10 at 19:51
So you think i should go the route of adjusting the user permissions? – Scott Dec 23 '10 at 20:34
As long as you only give the permissions you need, that's probably easiest at this point, yes. – Andrew Barber Dec 23 '10 at 20:36
The box is "My own" but I need to learn how to check that sudoer stuff... I haven't given up. – Scott Dec 23 '10 at 20:41
The problem is that it will launch `su -` into its own shell, assume root, then close the shell because the command has been run. This will NOT change the user you're running the program as. – Andrew M. Dec 24 '10 at 15:53
@Redmumba is he running some command via SCP or something I missed? I use exactly this technique ( `sudo su -` in the shell box as I noted) and it gives me root permissions for the rest of the session. – Andrew Barber Dec 24 '10 at 19:02
Did it give you any input to express that it worked? I would be very happy to be wrong if that meant it would work. – Scott Dec 26 '10 at 16:17
When I use the technique I noted, no output is given (none should be expected), but I can read and write files to which only root has access. – Andrew Barber Dec 26 '10 at 20:02
Trying to figure out the right command to use and test in the command line. When I use sudo, it gives me the commands that I could use. I haven't figured out how to edit sudoers. If I type "sudoers" I don't get any kick back from the server. – Scott Dec 27 '10 at 02:54
I get the following answer when I type "sudo -" in the command line on my linux box. We trust you have received the usual lecture from the local System "Administrator. It usually boils down to these three things: #1) Respect the privacy of others. #2) Think before you type. #3) With great power comes great responsibility." I thought this was a VERY strange response. It asks me for a password but it seems to be prompting me for the same user account... – Scott Dec 27 '10 at 03:00
I then say the same password for that user and it says that user is not in the sudoers file. So perhaps this is what is going on in WinSCP that I am not seeing and why it is not working for me when it works for Andrew. So I should go back to learning about the sudoers file and how to best approach it. Thank you so much. – Scott Dec 27 '10 at 03:08

score 0 · Answer 2 · answered Dec 23 '10 at 17:30

0

One solution would be use scp instead of winscp. This would require a local computer running *nix. Cygwin will let you run *nix locally within windows. Or if you have a spare computer, you could install linux on it. Or dual boot your computer. Or use a Mac.

answered Dec 23 '10 at 17:30

David Oneill

123
6

Mac's are scary! – Scott Dec 23 '10 at 17:42
So SCP wouldb e the linux equivalent. and cygwin would be some sort of linux box or imitator on windows? This is some stuff to look into. Thank you. – Scott Dec 23 '10 at 17:49
WinSCP is the windows version of SCP. Yes, cygwin is program that lets you run linux programs from windows. – David Oneill Dec 23 '10 at 22:35

score 0 · Accepted Answer · answered Dec 23 '10 at 17:34

0

I am not familiar with GoDaddy but you can upload files with winscp to some dir. limited user has write access - i.e. home directory

then ssh to the server, su root and move files to the proper place and eventually adjust permissions

you can use some console file manager like Midnight Commander (mc) if is installed on the server

answered Dec 23 '10 at 17:34

jet

475
4
8

When you say console manager, you mean something like the "control panel" provided by GoDaddy or something different? – Scott Dec 23 '10 at 17:37
I have not yet actually tried to upload to that users default director. Perhaps I do have write access there. I will look into that. I don't know if uploading and moving would be my first choice but that might be a workable solution to move forward. – Scott Dec 23 '10 at 17:37
I confirmed that I can upload to the directory that is the default for that user. – Scott Dec 23 '10 at 17:58

score 0 · Answer 4 · answered Dec 24 '10 at 02:25

0

I think the better question is, why are you trying to update files as root through scp? If this is a matter of deploying files, you should be looking into config management systems and installers.

For example, if you're copying over configs, take a look at puppet or cfengine. If you're looking at installing programs, look into your particular Linux distro's package management system (aptitude, yum, etc.).

I could also tell you that your ultimate solution would be to login as the root user, but that poses a huge security hole, and is disabled on most systems. But if you want to go down this path, you can re-enable root login by opening your SSH config (most likely in /etc/ssh/sshd_config) and setting:

PermitRootLogin yes

And then restart sshd:

sudo /etc/init.d/sshd restart

Andrew

answered Dec 24 '10 at 02:25

Andrew M.

10,982
2
34
29

I'm trying to upload drupal modules. They are folders that contain PHP. They need to be pulled down off the drupal website. What method do you think is best for that? – Scott Dec 24 '10 at 02:53
In that case, you probably want to upload them as yourself, and then extract/move the modules using sudo or su. – Andrew M. Dec 24 '10 at 03:01
the other option is when you ssh to the server: `wget http://drupal...../path/to/the/file` – jet Dec 24 '10 at 16:56
I thought about doing that. That is kind of where I was ending up. The process is then download, unzip, delete zip, and go. Right? – Scott Dec 26 '10 at 17:06
I don't really want to "give him root permission" I just want the user to have FTP or secure upload through WinSCP. That is the general idea.... – Scott Dec 27 '10 at 03:25
Is it really normal to have to move things on a server with one account and then have to manually type out the file paths to get things moved? – Scott Dec 27 '10 at 03:55
You ARE giving him root permission, though. That's what `su -` does--you become the superuser, `root`. If you're really motivated, you can re-arrange the folder structure so that either (a) the web directory isn't owned by root, or (b) its a directory that can be used by users other than root. And yes, that's perfectly normal behavior. `root` should be an as-needed operation only--otherwise, typos can turn into disasters veeeeery easily. – Andrew M. Dec 27 '10 at 16:53
OK, I could throw out "su -" or "sudo -" and then use "su {user}" and specify that is not the root user but has permission to edit files. I'm going to reread and think about what you're saying here. – Scott Dec 27 '10 at 19:46
Can there be only one owner of a file? in linux? I'm sorry but I've been working on what they call "LAMP" servers. Where I have started out in a VM and started off witha configured "appliance." – Scott Dec 27 '10 at 21:38
I have seen some pretty crazy arrangements of directories within those pre-configured lamp servers. – Scott Dec 27 '10 at 21:38
There cannot be more than one "owner" of a file, but there can be a single group on a file with multiple members inside of it. – Andrew M. Dec 27 '10 at 22:40
OK, so you have user X, and root is the current owner of the web directory. I create a group called something to the effect of "webadmins". I then place User X into the group. I then go to the web folder and make the owner of that the "webadmins" group? Then, I would use WinSCP to navigate to the web directory with user X and I could then navigate upload the needed files? – Scott Dec 27 '10 at 22:59

How do I effectively use WinSCP on my GoDaddy Dedicated Hosting

4 Answers4