TLA upload via SCP - langdoc/FRechdoc GitHub Wiki

This was an experiment Niko Partanen did recently with Alexander König in TLA. The idea was that someone could set up a server where the files reside, and someone from TLA could just use scp connection to copy all files over and add them to the workspace in LAMUS2. This would pass by the LAMUS2 upload, which seems very fragile with large files. To start, your computer (I think) needs to have a stable IP address. Google how to do that, I have no ideas. Generally speaking I (Niko Partanen) do not really know what I'm doing here. The idea is:

  • Let's create a user who has access to only one directory on the server
  • That user can then use scp or rsync to copy all those files

These were the links used:

https://help.ubuntu.com/community/SSH/OpenSSH/Configuring https://help.ubuntu.com/community/SSH/TransferFiles http://alvinalexander.com/blog/post/linux-unix/scp-pscp-shortcut-copy-files-home-directory

So in order to use ssh on Ubuntu this is needed:

sudo apt-get install openssh-server
sudo cp /etc/ssh/sshd_config /etc/ssh/sshd_config.factory-defaults
sudo chmod a-w /etc/ssh/sshd_config.factory-defaults
sudo restart ssh OR sudo systemctl restart ssh

Then we need to create a new user and a group. We don’t want the new user to be able to log into our computer and cause havoc, so let’s restrict his access. One way to do this is to limit the access away from the actual shell.

http://askubuntu.com/questions/795649/permitting-scp-but-not-ssh-without-scponly

sudo apt-add-repository universe
sudo apt-get install rssh
sudo nano /etc/rssh.conf

Here we can uncomment the tools we want to allow:

allowscp
#allowsftp
#allowcvs
#allowrdist
allowrsync
#allowsvnserve

The next command has few parameters:

-g is the group
-d is home directory
-s is the shell


groupadd extusers
useradd -g extusers -d /home/niko/TLA -s /usr/bin/rssh tla

If you prematurely gave wrong home directory, use:

sudo usermod -d /home/niko/TLA tla

And if you gave wrong shell, then use:

sudo chsh -s /usr/bin/rssh tla

It is also important that the new user has read access to the directory we point to him:

chown -R tla:extusers /home/niko/TLA

You can look to the folder settings with this:

ls -la /home/niko/TLA

If everything is set up correctly, you should be able to use command line in any *nix computer and grab all the files in the folder with something like.

scp [email protected]:./* .

It is not necessary to give the full path because the user’s home directory is that folder. The IP address there has to be your IP address. Although in reality it may be more convenient to do something like:

rsync … (CHECK THIS LATER)

Since this allows to synchronise only the files which have actually changed.

Some useful commands

This shows where nologin shell is, in case you try to set that up: locate nologin This shows the users: cat /etc/passwd Shells are listed here: /etc/shells

Possibly needed commands

These were tried with some alternative methods I used, may not work there.

sudo nano /etc/ssh/sshd_config
#Subsystem      sftp    /usr/libexec/openssh/sftp-server
Subsystem sftp internal-sftp
Match group extusers
ChrootDirectory %h
ForceCommand internal-sftp
sudo service ssh restart