Wondering how to fix the EC2 remote readdir Permission denied error? We can help you fix it!
Our customers often report that they get this error while connecting to an Amazon EC2 Linux instance over a Secure File Transfer Protocol (SFTP) connection.
Here at Bobcares, we handle requests from our customers regarding similar issues as a part of our Server Management Services.
Today let’s see how our Support Engineers troubleshoot this for our customers with EC2 instances.
How to troubleshoot EC2 remote readdir Permission denied
Following are some basic steps that our Support Engineers follow for troubleshooting this error:
1. Verify that the instance meets SSH connection prerequisites.
2. Log in to the instance with verbose messaging on, for identifying the error.
3. Review the authentication and system logs for errors.
4. Verify that the SSHD configuration file has Subsystem for SFTP configured.
5. Resolve a Remote readdir Permission denied error.
1. Verify that the instance meets SSH connection prerequisites
SFTP works on top of SSH, so we have to verify that the instance meets all SSH connection prerequisites.
1. Firstly, we have to check the instance status. This can be done by viewing the information in the Status check column on the Instances page.
2. Then get the public DNS name and user name to connect to the instance.
3. After that we can install an SSH client.
2. Review the authentication and system logs for errors
Following are the commands to check logs depending upon the OS:
RHEL and Fedora authentication log:
$ sudo less /var/log/secure
RHEL and Fedora generic system logs:
$ sudo less /var/log/messages
Debian and Ubuntu authentication log:
$ sudo less /var/log/auth.log
Debian and Ubuntu generic system logs:
$ sudo less /var/log/syslog
3. Verify that the SSHD configuration file has a Subsystem for SFTP configured
We must check whether the SSHD configuration file has the subsystem for SFTP configured and whether the sftp-server file it points to exists in the respective directory.
If the SFTP connection closes because of a missing SFTP subsystem, the logs show a "subsystem request failed on channel 0" error.
RHEL and Fedora-based distributions:
$ sudo grep Subsystem /etc/ssh/sshd_config
Subsystem sftp /usr/libexec/openssh/sftp-server
$ sudo ls -l /usr/libexec/openssh/sftp-server
-rwxr-xr-x. 1 root root 100784 Jun 26 2019 /usr/libexec/openssh/sftp-server
Debian and Ubuntu-based distributions:
$ sudo grep Subsystem /etc/ssh/sshd_config
Subsystem sftp /usr/lib/openssh/sftp-server
$ sudo ls -l /usr/lib/openssh/sftp-server
-rwxr-xr-x 1 root root 105608 Mar 4 2019 /usr/lib/openssh/sftp-server
4. Resolve a remote readdir Permission denied error
The error remote readdir Permission denied indicates that the user attempting the SFTP connection doesn’t have the correct permissions on the target directory.
We can check these permissions using the following steps:
To verify that the user has permission to access the target directory we can use the following command:
ls -ldZ /directory
We can check for access control list (ACL) permissions restricting user access with the following command:
getfacl /directory
And to check whether SELinux is enabled and enforcing, we can use the following command:
getenforce
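The ls -ldZ check above, extended to every component of the path, as an added example that is not part of the original article: it reports each directory whose mode bits block a given user from listing the target (read on the target, search on every parent). The function names and the numeric UID/GID arguments are assumptions for illustration; ACLs and SELinux are not evaluated here, so getfacl and getenforce remain separate checks.

```sh
#!/bin/sh
# Added example, not from the original article. Mode bits only: an ACL
# (a "+" after the mode in ls -l) or SELinux can still change the outcome,
# so getfacl and getenforce stay separate checks. Run it as root so that
# ls can reach every path component.

# applicable_bits UID "GID ..." PATH
# Print the rwx triplet (owner, group or other) that applies to that user.
applicable_bits() {
    a_line=$(ls -ldn -- "$3" 2>/dev/null) || return 2
    a_mode=${a_line%% *}
    a_owner=$(printf '%s\n' "$a_line" | awk 'NR==1 {print $3}')
    a_group=$(printf '%s\n' "$a_line" | awk 'NR==1 {print $4}')
    if [ "$1" = "$a_owner" ]; then
        a_cols=2-4
    else
        a_cols=8-10
        for a_g in $2; do
            if [ "$a_g" = "$a_group" ]; then a_cols=5-7; fi
        done
    fi
    printf '%s\n' "$a_mode" | cut -c"$a_cols"
}

# can_list UID "GID ..." /ABSOLUTE/DIR
# Listing needs r on DIR and x (search) on every parent up to /.
# Prints each blocking component; returns 1 if any, 2 on a bad path.
can_list() {
    case $3 in /*) ;; *) return 2 ;; esac
    [ "$1" = 0 ] && return 0      # root is not limited by directory mode bits
    c_path=$3; c_want='r??'; c_rc=0
    while :; do
        c_bits=$(applicable_bits "$1" "$2" "$c_path") || return 2
        case $c_bits in
            $c_want) ;;
            *) echo "blocked: $c_path ($c_bits, need $c_want)"; c_rc=1 ;;
        esac
        [ "$c_path" = / ] && break
        c_path=$(dirname "$c_path"); c_want='??[xst]'
    done
    return $c_rc
}
```

Take the UID and group IDs from `id <user>` on the instance, for example `can_list 1001 "1001 1002" /directory`.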
Conclusion
To conclude, we saw the steps that our Support Techs follow to fix the EC2 remote readdir Permission denied error for our customers.