breaking into the unknown…

permission denied to ssh user

Leave a comment

I have deployed my app using mina recently. It worked smoothly. Somehow, I have created the folder where I want to deploy my application , manually on the server. I also want to automate the folder creation step during the setup process.

I added below line to the setup action to my deploy.rb file. You can get the detail explanation here

queue! %[sudo mkdir -p “#{deploy_to}” && sudo chown -R kapil “#{deploy_to}”] # kapil is username of the server, replace it with yours

on running the setup command, I got below error.

$ mina setup_staging
—–> Setting up /var/www/
mkdir: cannot create directory `/var/www/’: Permission denied
!     ERROR: Setup failed.
!     Ensure that the path ‘/var/www/’ is accessible to the SSH user.

So, the message is clear.  The folder is not accessible to ssh user.  My server is running on linux machine. I need to grant proper permission to ssh user, which is basically equivalent to a outside user. Linux define permission at three level owners, group, ans outside users. find details about linux permission here. Here, my solution is to provide proper permission to /var/www folder for outhside users like ssh user

I ssh to my server machine from my system as below

$ ssh kapil@ # my server is hosted at kapil@
Welcome to Ubuntu 12.04.1 LTS (GNU/Linux 3.2.0-31-generic-pae i686)
root@f3-MS-7636:~# cd /var/ # moved to var folder
root@f3-MS-7636:/var# ls -l #it will list all the files and folders with available permissions
drwxr-xr-x  2 root root     4096 Oct 31 07:41 backups
drwxrwxrwt  2 root root     4096 Nov  5 15:30 tmp
drwxr-xr-x  2 root root     4096 Nov  5 14:41 www #thus drwxr-xr-x means that www is a directory, with owner having rwx permission and group and outside user having ony r-x i,e read and execute permission. We will grant the all permission to ssh user as below.
root@f3-MS-7636:/var# chmod 757 www -R # this will change permission of www folder within var folder
root@f3-MS-7636:/var# ls -l
drwxr-xr-x  2 root root     4096 Oct 31 07:41 backups
drwxrwxrwt  2 root root     4096 Nov  5 15:54 tmp
drwxr-xrwx  2 root root     4096 Nov  5 14:41 www # thus now you can see that the last user have all the permissions

Now, when you run the setup command, it will successfully do the setup

$ mina setup_staging
———-> configuring staging server
—–> Using RVM environment ‘ruby-1.9.3-p194’
Using /home/kapil/.rvm/gems/ruby-1.9.3-p194
—–> Setting up /var/www/

total 16
drwxrwxr-x 4 kapil kapil 4096 Nov  5 15:59 .
drwxr-xrwx 3 root  root  4096 Nov  5 15:59 ..
drwxrwxr-x 2 kapil kapil 4096 Nov  5 15:59 releases
drwxrwxr-x 2 kapil kapil 4096 Nov  5 15:59 shared

—–> Done.

NOTE : Though, I have automated the application root folder creation. I later reverted it back. I felt that, /var/www is sensitive folder in term of security so it is not good practice to allow write permission to outside users. Since, it is one time process, It is better to create the root folder manually at the time of setting basic infrastructure of server like rvm, nginx etc.

Author: arunyadav4u

over 7 years experience in web development with Ruby on Rails.Involved in all stage of development lifecycle : requirement gathering, planing, coding, deployment & Knowledge transfer. I can adept to any situation, mixup very easily with people & can be a great friend.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s