Error in creating downloads folder
sudo addsftpuser test
Account for test exists
Setting ownership on home folder to root.
Allowing users to traverse home directory.
Adding user to sftponly group.
usermod: no changes
Disabling user's shell
Creating folder /home/test/home/test/
Would you like to create a new SSH key for user test? [y/N]: n
Skipping key creation. You may add a key manually by appending user's public key to .ssh/auhthorized_keys
Please select an option for Server Side Encryption. If you are not sure, we recommend
that you choose option 1. Only choose option 4 if you are positive you do not want any encryption whatsoever.
Refer to our wiki for more information -
https://bitbucket.org/thorntechnologies/sftpgateway-public/wiki/SSE
1. I want Amazon S3 to manage Server Side Encryption for me (SSE-S3).
2. I have an AWS KMS Key ARN that I want to use for Server Side Encryption (SSE KMS)
3. I have a base64-encoded AES-256 encryption key string that I can copy and paste (SSE-C).
4. I do not want to use server side encryption.
5. Skip this and do not change anything.
[1-5]: 1
Amazon S3-managed encyption keys (SSE-S3) will be used for server side encryption.
Would you like to modify the current S3 location (vpc-reet-common-prod/test/fromgeep/) for this user?
[y/N]: n
Would you like to setup a private S3 download directory for this user? Only this user will be able to download
S3 files from this directory. [y/N]: y
HTTPSConnectionPool(host='s3.amazonaws.com', port=443): Max retries exceeded with url: /vpc-reet-common-prod/test/togeep/ (Caused by ConnectTimeoutError(<botocore.awsrequest.AWSHTTPSConnection object at 0x7f851a829450>, 'Connection to s3.amazonaws.com timed out. (connect timeout=60)'))
Unable to create togeep/ in S3 Bucket vpc-reet-common-prod. Downloads may not work as expected.
Please check the bucket permissions and try again.
Would you like to setup a shared S3 download directory for this user? All SFTP users will be able to download
the same files from this shared S3 location. [y/N]: y
mount: special device /opt/sftpgw/shared/ does not exist
Successfully modified SFTP user test
HTTPSConnectionPool(host='s3.amazonaws.com', port=443): Max retries exceeded with url: /vpc-reet-common-prod/test/togeep/ (Caused by ConnectTimeoutError(<botocore.awsrequest.AWSHTTPSConnection object at 0x7f851a829450>, 'Connection to s3.amazonaws.com timed out. (connect timeout=60)')) Unable to create togeep/ in S3 Bucket vpc-reet-common-prod. Downloads may not work as expected. Please check the bucket permissions and try again.
The IAM role has been given full s3 permission for that bucket.
The upload works fine, so it can write to bucket.
The region is Seoul - ap-northeast-2
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "VisualEditor0",
"Effect": "Allow",
"Action": [
"s3:ListAllMyBuckets",
"s3:HeadBucket"
],
"Resource": "*"
},
{
"Sid": "VisualEditor1",
"Effect": "Allow",
"Action": "s3:*",
"Resource": [
"arn:aws:s3:::vpc-reet-common-prod",
"arn:aws:s3:::vpc-reet-common-prod/*"
]
}
]
}
Comments (2)
-
reporter -
- changed status to resolved
Troubleshooting for this issue took place via email. Resolution seemed to have been setting the region in
aws configure
(perhaps a local AWS profile was configured along the way) - Log in to comment
I tried rerunning the add stfpuser command with an yes for same downloads folder: same issue.