Admin user for linux based SFTP Server


I am able to successfully set up an SFTP user group and SFTP users using the below script on an AWS EC2 instance. While I was able to restrict SFTP users in the sftp_users group from accessing one another's directories and their contents, I now need to be able to create an admin SFTP user who can access and browse through all the contents of all SFTP folders and move stuff around. Is this possible? Like I have stated, my requirement would be to create individual SFTP users with access to ONLY their individual folders and to create an admin / super user who can access all the users' SFTP folders via SFTP. It is okay if the admin user has access to the whole file system along with the SFTP users' folders. I tried researching online with my limited Linux skills in this context, but could not arrive at anything.



echo "`date` Creating SFTP directory...."
mkdir -p /data/sftp

echo "`date` updating sshd_config"
sed -i 's/PasswordAuthentication no/PasswordAuthentication yes/' /etc/ssh/sshd_config
# Members of sftp_users are chrooted to /data/sftp and restricted to SFTP only
echo 'Match Group sftp_users' >> /etc/ssh/sshd_config
echo 'ChrootDirectory /data/sftp' >> /etc/ssh/sshd_config
echo 'ForceCommand internal-sftp' >> /etc/ssh/sshd_config

echo "`date` Set permissions to 701 for all folders on the efs mount"
chmod -R 701 /data

echo "`date` Set owner to root:root for all folders on the efs mount"
chown -R root:root /data

echo "`date` adding sftp_users group"
groupadd sftp_users

echo "`date` restarting sshd"
systemctl restart sshd

###### Below is my user creation script that I eventually use to create individual SFTP users ######
echo "`date` creating /usr/local/sbin/create_sftp_user.sh"
# Single quotes keep $1 and $USER_NAME literal in the generated script; echo -e expands each \n
echo -e '#!/bin/bash\n\nUSER_NAME=$1\nuseradd -g sftp_users -d /$USER_NAME -s /sbin/nologin $USER_NAME\n' > /usr/local/sbin/create_sftp_user.sh
echo -e 'passwd $USER_NAME\nmkdir -p /data/sftp/$USER_NAME\n' >> /usr/local/sbin/create_sftp_user.sh
echo -e 'chown $USER_NAME:sftp_users /data/sftp/$USER_NAME\n' >> /usr/local/sbin/create_sftp_user.sh
echo -e 'chmod 700 /data/sftp/$USER_NAME\n' >> /usr/local/sbin/create_sftp_user.sh
chmod +x /usr/local/sbin/create_sftp_user.sh








      linux ssh permissions sftp





asked 9 mins ago by Satya
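A check for the layout the question's scripts build, as an added example that is not part of the original post: it audits the chroot path the way sshd does at session start (every component root-owned, not group- or other-writable) and confirms that each user folder is mode 700 and owned by the account it is named after. The function name `audit_sftp_chroot` and the finding labels are hypothetical, and `stat -c` assumes GNU coreutils.

```bash
#!/usr/bin/env bash
# Added example (not from the original post): audit the chroot layout that
# the question's scripts build. audit_sftp_chroot and the finding labels are
# hypothetical names; stat -c assumes GNU coreutils.
# Prints one finding per line and nothing when the layout is clean.

audit_sftp_chroot() {
    chroot_dir=$1
    case $chroot_dir in
        /*) ;;
        *) echo "usage: audit_sftp_chroot /absolute/chroot/path" >&2; return 2 ;;
    esac

    # sshd only accepts a ChrootDirectory whose every path component is
    # root-owned and not writable by group or others.
    p=$chroot_dir
    while :; do
        mode=$(stat -c '%a' "$p")
        owner=$(stat -c '%U' "$p")
        if [ $(( 0$mode & 022 )) -ne 0 ]; then
            echo "CHROOT_WRITABLE $p mode=$mode"
        fi
        if [ "$owner" != root ]; then
            echo "CHROOT_OWNER $p owner=$owner"
        fi
        if [ "$p" = / ]; then break; fi
        p=$(dirname "$p")
    done

    # create_sftp_user.sh gives each user a folder named after the account,
    # owned by it, with mode 700, which is what keeps users out of each
    # other's folders.
    for d in "$chroot_dir"/*/; do
        [ -d "$d" ] || continue
        d=${d%/}
        name=${d##*/}
        mode=$(stat -c '%a' "$d")
        owner=$(stat -c '%U' "$d")
        if [ $(( 0$mode & 0777 )) -ne $(( 0700 )) ]; then
            echo "USERDIR_MODE $d mode=$mode"
        fi
        if [ "$owner" != "$name" ]; then
            echo "USERDIR_OWNER $d owner=$owner"
        fi
    done
    return 0
}

# On the server (as root): audit_sftp_chroot /data/sftp
```

Re-running the setup script after users exist would trip both USERDIR checks, because its recursive `chmod -R 701 /data` and `chown -R root:root /data` reset every user folder.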
