[SOLVED] Configuration FTP for acces VM or CT

S

SLB-Info

New Member
Jul 15, 2017
8
0
1
56
France
Hi all,

I don't fnd some solution for my problem.

Situation

2 users :

  • "root" to cconnect panel proxmox and connect ssh on panel proxmox or ssh VM with panl proxmox
  • "NameOfOneUser" to connect with ssh or FTP from extern connxion (from my home)

It's impossible to connect from external connextion with "root" or ftp

But, all CT have only one user : root. All and I change port #22 to #anotherport (like 12345)

How can i use my FTP client to connect from my home (external connexion) to my VMs ?

I hope you can understand me :S

Regards and hyppy Christmass

Sylvain
 
Hey,

it seems that is not really an PVE Problem, more an Problem with Configuration or misunderstanding.

Do you want to get an FTP / SSH Access to one CT or VM and not the Node itself, correct? If yes, you have to install an FTP Servies to the VM / CT and Configure the Users for them. It is not recommended to install an FTP Service on an HV itself. So far i do not recommend to use FTP, use FTPS or better SFTP for File Transfer.
 
Hi

It's exactly that...

I do not want connecting to on HV.

I'd would like to connect to CT or VM (CT for me) with FTPS or SSH (Not FTP)

At this time, It's impossible to connect CT without connecting from console from HV with my username and do sudo ssh to VM :S

I'm looking your suggestion...

Thanks
 
Well

I can't use root and I do not waant use root from PVE

Only on CT I can use root. Just the time to install all what I need.

That is for the secure.

PVE :
|_ SSH and SFTP root are off
|_ SSH and SFTP MyUser are ON
|__CT 1 : SSH root is On but only from PVE...
SFTP root is Out

I try to find a good secure to copy some files from my computer to CT (install soft is not a poblem)

With all your explination, I think I can do something...

I'll come boxk explain how I do... ;)

thanks
 
Well I see at least one problem with this config.
You should not have your vm user configured on host.
You need to understand virtualisation better.
Think of it this way.
Think of your host as a physical server room. And each vm is a phisical hardware server/computer you would have in a real server room.
 
Hi,

well, I know that and i agree with that. But my knoledge is very bad.

I have a dedicated server.
On this, it's installed proxmox.

I can't and i don't want being able to connect on this by root with ssh or ftp (sftp, fpts etc...)

I have an user name to connect on this with no root power

On PVE, I have few CT

Only one have access to internet. It's my proxy.

All other CT have not access to internet. Just temporary to upgrade system.

But now, I don't know how to connect on This CT tu put for exemple duppral, or another web application without use PVE

I read some possibilities like tunel but I don't have the knowledge.

Where can I find some explication ?

Thanks

Regards

Sylvain
the newbee :P
 
SLB-Info said:
But now, I don't know how to connect on This CT tu put for exemple duppral, or another web application without use PVE
Click to expand...

You wcan set up NAT on the Proxmox host.

So your connection should look like this:

Your home PC -> Public IP of Proxmox Host : Custom Port for SFTP/SSH -> Local IP of your CT : Port for SFTP/SSH

So for example, you can set up port 2222 on the Proxmox host to redirect to the port 22 of your CT. This way when you connect to your.proxmox.host:2222 it will actually go to the CT on port 22.

One way of doing such a setup can be found here https://snt.sh/2012/12/proxmox-and-using-nat-with-a-virtual-machine/

You can find more examples on the internet.
 
Hi all,

Well, my problem do not came from parameter of proxmox ar from NAT.

Juste for each CT (or VM), The configuration of ssh-config must to be adapted...

For connexting from my PC, permission for ROOT to connect => YES.
and when all I need to do are finished )> NO

Just that...

Ok I need to lear how use Linux xD

Thanks for help

My rule : ROOT not be authorized to connect on SHH or SFTP... and On NAT configuration : no possibility to open port like 22 or or other. Just what CT have need

Regards ;)

Sylvain
 
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom