How to set up ssh-only user with minimal privileges?
Dan Purgert
dan at djph.net
Thu Apr 2 15:59:01 UTC 2015
On Thu, 02 Apr 2015 16:22:59 +0200, Petter Adsen wrote:
> I have a short script running from cron on a server running 14.10, that
> creates a small backup of essential system files. What I want to do is
> set up this script to scp the tarball to another, remote system.
>
> So, I need to create an account on the remote system and set up keys,
> but I want this account to only be able to deposit the archive
> somewhere, and not be able to get to a shell or do anything else.
>
> Is it enough to set the shell for the user to something like /bin/false?
> Will that user still be able to deposit the file via scp? Is there
> anything else I can do to lock down that account?
>
> Petter
yep, /bin/false should do it. Just make sure you give them a home
directory for dumping files to (cron move job or something can handle it
from there).
More information about the ubuntu-users
mailing list