On Thu, Sep 03, 2015 at 04:42:27PM +0100, Murray Crane wrote:
Hi all,
Hoping to crowdsource your knowledge.
In Ubuntu/Debian, is it possible to set up the www-data user with SSH
access (for development purposes; read/write to the web server document
root) but not "shell access" otherwise?
The SSH will be pub-key only, but I already know how to do such things (to
avoid obvious "do it key only" suggestions).
Kind regards
There's a project called scponly that you can use to set this
up. You set it as the login shell for the account, and it implements
the absolute minimum that a shell needs to do to support scp, without
giving any kind of interactive access.
Hugo.
Another option would be to allow only SFTP, rather than SCP, which (if
the installed OpenSSH version supports it) wouldn't require any
additional software. Most clients that support SCP also support SFTP
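
The SFTP-only approach suggested in the last reply, written out as an `sshd_config` fragment. This is an added example, not part of the original thread. The `/var/www` chroot, the `/html` start directory and the key file location are assumptions about the host layout.

```conf
# /etc/ssh/sshd_config (fragment; added example, paths are assumptions)

# Serve SFTP from inside sshd itself, so the chroot needs no helper
# binaries, libraries or device nodes.
Subsystem sftp internal-sftp

Match User www-data
    # Public-key logins only, as the original poster intends.
    AuthenticationMethods publickey
    PasswordAuthentication no

    # Keep the key list outside the web tree so it cannot be read or
    # replaced over SFTP (assumed path; root-owned, mode 0644).
    AuthorizedKeysFile /etc/ssh/authorized_keys/%u

    # Every session becomes an SFTP session: a requested shell, remote
    # command or scp is replaced by the in-process SFTP server.
    # -d sets the start directory, relative to the chroot.
    ForceCommand internal-sftp -d /html

    # Confine the session to the web tree. sshd refuses the login unless
    # every component of this path is owned by root and not writable by
    # group or others, so /var/www stays root:root and www-data writes
    # only in /var/www/html.
    ChrootDirectory /var/www

    # Close the other channels an SSH login would normally offer.
    PermitTTY no
    AllowTcpForwarding no
    AllowAgentForwarding no
    X11Forwarding no
    PermitTunnel no
```

Check the file with `sshd -t` before reloading the daemon, and keep an existing root session open until a test login as www-data has succeeded. Because `internal-sftp` never executes the account's login shell, www-data can keep a non-interactive shell such as `/usr/sbin/nologin`.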