![]() ![]() Passwd: all authentication tokens updated successfully. This is easily done via the passwd command:Ĭhanging password for user sftp_download. # useradd sftp_download -s /sbin/nologin -M This tells useradd not to create a home directory for the user: The other option I pass on is the -M option. This is not a shell but a command that “ politely refuses a login“, as the man page for this program says. That way, I disable SSH access into my server for that user. In this case, as I only want to allow people to sftp into the machine, I define the shell as /sbin/nologin. The -s option allows me to specify which shell the user should get when logging on into the machine via ssh. Creating one is rather simple with the useradd command. The first step is to create a dedicated Linux user that people can use to sftp into the server. Enter your sftp user password and confirm. ![]() ![]() Note, all commands below are executed as the root user: tl dr Luckily, setting something like this up was much easier than I thought, and here is how you can do it yourself. What I needed was some way of giving them a user which was self-contained, with no SSH privileges and bound to a single location on the filesystem. However, I didn’t want to give them full access to the entire machine where they could randomly up- and download files anywhere. SFTP is setup by default on my Linux environment, so them accessing the machine was trivial. So I wanted to get it onto my server so that folks could grab it via SFTP from there. Recently I had the need to share a zip file with a bunch of people that was big enough not to fit into email anymore. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |