Friday, January 6, 2017

ubuntu - Set up a secondary SSH/SFTP user with limited directory access

I am trying to create a new secondary user that has access to SFTP files and SSH access to a specific directory.



I have SFTP working, but when I try to log in via SSH, I get the following error: Write failed: Broken pipe



The root user uses a public/private key, but I want the secondary user to use a password.



Here is what I have so far:



useradd test
passwd test
usermod -G www-data test
usermod -d /usr/share/nginx/html test
chown test:www-data /usr/share/nginx/html


As for additions to my sshd_config:



AllowUsers test


Match User test
ChrootDirectory /usr/share/nginx/html
PasswordAuthentication yes
X11Forwarding no
AllowTcpForwarding no
ForceCommand internal-sftp


All I have left to do is to get the test user to be able to access the CLI in their home directory to run composer and artisan commands.
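
An added example, not part of the original post: a small Python check that reads sshd_config text, resolves the keywords that apply to one user, and reports what kind of session sshd would give that user. It relies on documented sshd_config(5) behaviour (ForceCommand ignores any command supplied by the client, and every directory on the ChrootDirectory path must be root-owned and not writable by group or others); the function names and the simplified Match handling are hypothetical choices made for this sketch.

```python
import stat

# Constructed sample: the sshd_config additions quoted in the post above.
SAMPLE = """\
AllowUsers test
Match User test
ChrootDirectory /usr/share/nginx/html
PasswordAuthentication yes
X11Forwarding no
AllowTcpForwarding no
ForceCommand internal-sftp
"""

def effective_settings(config, user):
    """Resolve keywords for `user`: first value wins, Match overrides global.
    Assumption: only literal 'Match User a,b' lines are understood."""
    scopes, scope = {"global": {}, "match": {}}, "global"
    for raw in config.splitlines():
        parts = raw.strip().split(None, 1)
        if not parts or parts[0].startswith("#"):
            continue
        key, value = parts[0].lower(), (parts[1].strip() if len(parts) > 1 else "")
        if key == "match":
            crit = value.split()
            hit = (len(crit) == 2 and crit[0].lower() == "user"
                   and user in crit[1].split(","))
            scope = "match" if hit else None   # None: block for someone else
        elif scope:
            scopes[scope].setdefault(key, value)
    return {**scopes["global"], **scopes["match"]}

def session_report(config, user):
    """Summarise what kind of session sshd would give `user`."""
    s = effective_settings(config, user)
    chroot = s.get("chrootdirectory", "none")
    return {
        # ForceCommand replaces any shell or command the client requests.
        "sftp_only": s.get("forcecommand", "").split()[:1] == ["internal-sftp"],
        "chroot": None if chroot.lower() == "none" else chroot,
        "password_auth": s.get("passwordauthentication", "yes").lower() == "yes",
    }

def chroot_component_ok(st_uid, st_mode):
    """sshd's rule per chroot path directory: root-owned, no group/other write."""
    return (st_uid == 0 and stat.S_ISDIR(st_mode)
            and not st_mode & (stat.S_IWGRP | stat.S_IWOTH))

if __name__ == "__main__":
    print(session_report(SAMPLE, "test"))
```

A user for whom `sftp_only` is true cannot get a shell over SSH. Per sshd_config(5), an interactive session inside a chroot additionally needs a shell and basic /dev nodes within that directory.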
