Nov 21

Restricting Shell for only SCP/SFTP

, , Add comments

If you have a server, but only want to allow users to copy files via sFTP without providing shell access. This can be done with rssh, a restricted shell for use with OpenSSH that allows only scp and/or sftp.

To install rssh

$ apt-get install rssh

By default rssh doesn’t allow anything, to allow only sftp modify the rssh.conf file.

$ nano /etc/rssh.conf

Uncomment the line for allowsftp and other transfer protocols you want to enable.

#allowscp
allowsftp
#allowcvs
#allowrdist
#allowrsync

To restrict a user to only allow sftp access, modify the /etc/passwd file

$ nano /etc/passwd

For example

ftp:x:100:100::/home/ftp:/usr/bin/rssh

Related posts:

  1. Restricting Shell Users to their Home Directory
  2. Apache HTTP Authentication
  3. Configuring Apache for SSL Support
  4. Apache for Ubuntu Quickstart Guide
  5. Setting up ddclient on Ubuntu

Comments are closed.

WP Theme & Icons by N.Design Studio
Entries RSS Comments RSS Log in