4.8.18. HOWTO Enable SFTP Restricted Accounts¶
This section describes the method for restricting an account to SSH File Transfer Protocol (SFTP) access only.
4.8.18.1. Add a User¶
Create a user account based on the following example.
user { "foo":
uid => <UID>,
gid => <GID>,
shell => <Path to SFTP Server>
}
On a SIMP system, shell would be: "/usr/libexec/openssh/sftp-server"
4.8.18.2. Modify /etc/shells
¶
To modify /etc/shells
to include the shell information provided in the
previous user account example, add common::shells
in Hiera, and add
/usr/libexec/openssh/sftp-server
to the list.