@raojeet
Forked from thomascannon/setup_sftp.sh
Last active July 9, 2020 18:43

Revisions

  1. raojeet revised this gist Jul 9, 2020. 1 changed file with 1 addition and 1 deletion.
    2 changes: 1 addition & 1 deletion setup_sftp.sh
    @@ -10,7 +10,7 @@ fi

    read -p 'Enter sftp username to create: ' username
    echo Creating user account for $username
    adduser $username --shell /sbin/nologin --disabled-password
    adduser $username --shell /sbin/nologin

    echo Creating SSH keys for user
    mkdir /home/$username/.ssh
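
    Review bot: The adduser line loses --disabled-password, so on the Ubuntu install this script targets adduser will now prompt for and set a login password on an account that the following lines provision for SSH key authentication only. That leaves a guessable credential on the account wherever sshd accepts password authentication. Keep --disabled-password unless a password is actually required, and if it is, record the reason in a comment next to the call; $username should also be quoted on this line.
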
  2. raojeet revised this gist Jul 9, 2020. 1 changed file with 0 additions and 2 deletions.
    2 changes: 0 additions & 2 deletions setup_sftp.sh
    @@ -1,6 +1,4 @@
    #!/bin/bash
    # Quick 'n dirty script to setup a sftp service
    # Based on a default Ubuntu server install
    # Assumes SSH is setup already with publickey authentication, i.e.
    # PubkeyAuthentication yes
    # PasswordAuthentication no
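
    Review bot: The header comments in this hunk are the only statement of what the script relies on (a default Ubuntu server install, PubkeyAuthentication yes, PasswordAuthentication no), and this revision deletes two of the six lines without putting anything in their place. Keep the assumptions documented, or have the script check the effective sshd settings and stop when they do not hold, so that it is not run unnoticed against a server that still accepts passwords.
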
  3. @thomascannon thomascannon created this gist Aug 25, 2018.
    42 changes: 42 additions & 0 deletions setup_sftp.sh
    @@ -0,0 +1,42 @@
    #!/bin/bash
    # Quick 'n dirty script to setup a sftp service
    # Based on a default Ubuntu server install
    # Assumes SSH is setup already with publickey authentication, i.e.
    # PubkeyAuthentication yes
    # PasswordAuthentication no

    if [ "$EUID" -ne 0 ]
    then echo "Please run with sudo"
    exit
    fi

    read -p 'Enter sftp username to create: ' username
    echo Creating user account for $username
    adduser $username --shell /sbin/nologin --disabled-password

    echo Creating SSH keys for user
    mkdir /home/$username/.ssh
    ssh-keygen -f $username
    cp ./$username.pub /home/$username/.ssh/authorized_keys
    chown -R $username.$username /home/$username/.ssh
    mv ./$username ./$username.key

    echo Creating sftp chroot directory for user
    mkdir -p /var/sftp/$username
    chown root.root /var/sftp
    chown $username.$username /var/sftp/$username

    echo Modifying sshd_config to use internal-sftp which supports chroot
    sudo sed -i '/^Subsystem\s*sftp/c\Subsystem sftp internal-sftp' /etc/ssh/sshd_config

    echo Adding sftp config for user to sshd_config
    cat <<EOT >> /etc/ssh/sshd_config
    Match User $username
    ChrootDirectory /var/sftp
    ForceCommand internal-sftp
    AllowTcpForwarding no
    X11Forwarding no
    EOT

    echo Done. Run 'service sshd restart' to pick up changes
    echo Provide ./$username.key to user so they can authenticate.
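
    Review bot: $username is taken straight from read and then expanded unquoted, as root, in adduser, mkdir, cp, chown and the heredoc appended to /etc/ssh/sshd_config, so a value containing spaces, slashes or other unexpected characters changes which paths are touched and what ends up in the Match block. Validate the name against a strict pattern (lowercase letters, digits, underscore, hyphen) right after the read and quote every expansion, for example mkdir "/home/$username/.ssh". Since the script edits sshd_config in place and then asks for a restart, it should also run sshd -t after the append and restore the previous file if the test fails, and the EUID check should exit 1 rather than a bare exit so callers see the failure.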