I just happened to notice that my UNIX groups, pulled from LDAP, don't show up correctly in file listings via SFTP. My LDAP system is correctly set up through pam_ldap & nss_ldap, such that LDAP-only account and group names show up just fine when looking at file ownership, etc. But when using SFTP, a directory listing only shows file ownership via the numeric UID/GID, not by the textual names like everything else.
My main normal-user account and group are in LDAP. See below for an example.
Via normal FTP, SSH shell, etc:
ftp> ls -l
229 Entering Extended Passive Mode (|||49026|)
150 Opening ASCII mode data connection for file list
drwxr-xr-x 8 sbalmos sbalmos 512 Jun 4 22:03 public_html
226 Transfer complete.
sftp> ls -l
<...snip unnecessary listings...>
drwxr-xr-x 0 2001 2001 512 Jun 4 18:03 public_html
Ideas on whether this is an SSHd setting somewhere, etc.? Thanks!
This is not an LDAP issue. I just tried SFTP - I'm seeing the same deal and I am using standard authentication. This seems to be the default behavior of SFTP or at least the particular version(s) of the SFTP client(s) that we are using.
Yeah, it's not in the client, it's the server. I can understand why this would be turned off, but in these days with nscd and everything you should be able to have it even if you use LDAP (which for me is kinda slow, I've never been able to get any real performance out of it. Right now I'm mirroring to a MySQL DB and do most of the queries (NSS stuff mostly) there). But now I realize that this isn't my thread.