How do I copy files into `/var/www` with WinSCP?

apache-http-server amazon-ec2 winscp

When I try to place my web files into /var/www in apache on my ec2 Ubuntu instance it is giving me an error stating that I don't have permission. 

Permission denied.
Error code: 3
Error message from server: Permission denied
Request code: 3

How do I give myself permission to do this or what is the best way to copy files to /var/www with WinSCP?


I was getting the same error in WinSCP. One solution is to change the ownership of the '/www/' folder using chown. That way, you can make the user you log in with into the owner instead of 'root' being owner. I am using an instance of Amazon Linux rather than Ubuntu, but this command worked for me:

sudo chown -R -v ec2-user /var/www/

The user 'ec2-user' is the user I log in with.

Potentially Useful links

  • alestic.com: Using sudo, ssh, rsync on the Official Ubuntu Images for EC2
  • apache.com: Command List

Enable write permissions for the user logging in thru WinSCP. There are two ways to do this.

The first way is to change the permissions on the folder to allow anyone to write to it. This isn't the best security.

chmod 777 /var/www


The second way is to add your user to the group owning the directory, and then setting permissions for the group to write to the directory.

Find out who owns the directory:

ls -l /var | grep www

You'll see something like: drwxr-x--- 9 www-data www-data 4096 Jul 14 2009 www The important thing to note are the two names root and root. In this case, the owner of the directory is www-data, and the group of the directory is www-data. So now you'll add your user to group www-data.

usermod -G www-data user

Now just add the write permission to the group.

chmod 770 /var/www

Now

ls -l /var | grep www

should return: drwxrwx--- 9 www-data www-data 4096 Jul 14 2009 www

With this you'll be able to write to the directory, while not opening up write privileges to everyone.


on ec2 this works for me. login to box via putty with user "ec2-user" and use commands : 

sudo root
chmod 777 <NAME_OF_FOLDER>

Note : this grants write access for all users.

Should now be able to write using WinScp.


The following tutorial worked for me and provides helpful screenshots. Logging in as a regular user with sudo permissions simply required tweaking a few WinSCP options: http://cvlive.blogspot.de/2014/03/how-to-login-in-as-ssh-root-user-from.html

Set Session/File protocol to: SCP, enter host/instance ip, port - usually 22, and regular username. Enter password credentials if the login requires it. Add the user's corresponding Private key file in Advanced/SSH/Authentication.

Unchecking Advanced/SSH/Authentication/attempt "keyboard interactive" authentication should allow Advanced/Environment/SCP Shell/Shell/Shell: sudo su - to provide sudo permissions for accessing webserver directories as a non-owner user.

Update: 08/03/2017

WinSCP logging can be helpful to troubleshoot issues.

winscp.net/eng/docs/logging:

[WinSCP] Logging can be enabled from Logging page of Preferences dialog. Logging can also be enabled from command-line using /log and /xmllog parameters respectively, what is particularly useful with scripting. In .NET assembly, session logging is enabled using Session.SessionLogPath1).

Depending on WinSCP connection errors, some server installations may need a directive added to the (Ubunto, CentOS, other-Linux-Server) /etc/sudoers file to not require TTY for a specified user. Creating a file in /etc/sudoers.d/ (using a tool such as Amazon Command Line Interface or PuTTY) may be a better option than editing /etc/sudoers. Some /etc/sudoers versions recommend it:

This file MUST be edited with the 'visudo' command as root. Please consider adding local content in /etc/sudoers.d/ instead of directly modifying this file. See the man page for details on how to write a sudoers file.

When editing a sudoers file (as root) through the command-line, the 'visudo' command should be used to open the file as it will parse the file for syntax errors. /etc/sudoers.d/ files are typically owned by root and chmoded with minimal permissions. The default /etc/sudoers file may be referenced as it should automatically have recommended chmod permissions on installation. e.g.: 0440 r--r----- .

superuser.com/a/869145 :

visudo -f /etc/sudoers.d/somefilename

Defaults:username !requiretty

Helpful Links:

  • Stackoverflow: stackoverflow.com/questions/25688850/cloud-init-how-to-add-default-user-to-sudoers-d
    • www.digitalocean.com/community/tutorials/how-to-edit-the-sudoers-file-on-ubuntu-and-centos

WinSCP Forum: - winscp.net/forum/viewtopic.php?t=3046 - winscp.net/forum/viewtopic.php?t=2109

WinSCP Doc: https://winscp.net/eng/docs/faq_su

With SCP protocol, you can specify following command as custom shell on the SCP/Shell page of Advanced Site Settings dialog:

sudo -s

[...]

Note that as WinSCP cannot implement terminal emulation, you need to have sudoers option requiretty turned off.

Instructions in Ubuntu Apache /etc/sudoers recommend adding directives to /etc/sudoers.d rather than editing /etc/sudoers directly. Depending on the installation, adding directive to /etc/sudoers.d/cloud-init may work as well.

It may be helpful to create an SSH test user with sudo permissions by following the steps provided in instance documentation to ensure that the user has recommended instance settings and any updates to server sudoer files can be effected and removed without affecting other users.

Related

Why does `route` hang for a while before the route table being dumped?
How to autofill Excel cells by week?
How do multiple SSIDs provide security?
Reattaching screen (having irssi running) forces window resize
How to open a set of tabs together quickly?
Recording only one window in Gnomes 3 default desktop recorder
curl http_code of 000
How to insert underbrace in a word document
Play VLC stream without interface
Does Windows 10 have a built-in SSH server?
How to generate random string from a set of available strings in Excel?
Patched fonts not showing up on gnome-terminal