Re: [bitfolk] SSH query

Top Page
Author: Hugo Mills
Date:  
To: Murray Crane
CC: users
Subject: Re: [bitfolk] SSH query

Reply to this message
gpg: Signature made Thu Sep 3 15:49:34 2015 UTC
gpg: using RSA key 585E1475E2AB1DE4
gpg: Can't check signature: No public key
On Thu, Sep 03, 2015 at 04:42:27PM +0100, Murray Crane wrote:
> Hi all,
>
> Hoping to crowdsource your knowledge.
>
> In Ubuntu/Debian, is it possible to set up the www-data user with SSH
> access (for development purposes; read/write to the web server document
> root) but not "shell access" otherwise?
>
> The SSH will be pub-key only, but I already know how to do such things (to
> avoid obvious "do it key only" suggestions).
> Kind regards


There's a project called scponly that you can use to set this
up. You set it as the login shell for the account, and it implements
the absolute minimum that a shell needs to do to support scp, without
giving any kind of interactive access.

Hugo.

> Murray Crane


> _______________________________________________
> users mailing list
> users@???
> https://lists.bitfolk.com/mailman/listinfo/users



-- 
Hugo Mills             | I spent most of my money on drink, women and fast
hugo@... carfax.org.uk | cars. The rest I wasted.
http://carfax.org.uk/  |
PGP: E2AB1DE4          |                                            James Hunt