Sometimes when setting up a machine to run services for not-very-well-trusted users (e.g. a web server), it may be advantageous to allow the users to copy files to the machine, but not to have any kind of shell access. Obviously, you can do this with FTP, but that’s old-hat and insecure. It would be better to have everyone scp the files over instead. Except… scp uses ssh, and so giving scp access also gives remote shell access to the users. Not what you really want in this situation.
It is possible, however, to set up a system where use of ssh is blocked, but scp is permitted. To do this, you can use a handy little tool called scponly. This should be available pre-packaged in most major distributions.
To use it, simply set the user’s login shell to /usr/bin/scponly, either when the user is created, or afterwards:
# adduser --shell /usr/bin/scponly <username>
or
# chsh -s /usr/bin/scponly <username>
The user will then be able to manipulate files on the remote machine using sftp or scp, but will not be able to log in directly. Note that the user will be able to view *all* of the files on the machine using the permissions of the user. If you want to restrict the user’s view of the world to just their own files, then you will need to use the chroot features of scponly.
Leave a Reply
You must be logged in to post a comment.