Score:0

blacklisting download from sftp for a single user

br flag

I need to create a user that can use ssh, but not download files through sftp. I've googled a lot, and had try a lot of configurations, but none of them work. So I think the only way to do it, it's not disabling sftp for that user, but blacklisting the download of files from the server for him. is there a way to do it? I need that the user can go though files and see her size, and some other properties, but not download them. My system is an Ubuntu 16.04. I've already tried to edit the /etc/ssh/sshd_config file and edit/including the lines:

Subsystem sftp internal-sftp  
Match User notdownloaderuser
   ForceCommand internal-sftp -p read

and including after restart the services (ssh and sshd) it won't work, ssh terminal exited with code 1 (without the above lines it works fine)

Any ideas?

Orbán Zoltán avatar
cn flag
I think this referrers or the same like this question: https://serverfault.com/questions/290843/how-to-disable-sftp-for-some-users-but-keep-ssh-enabled
tnt80 avatar
br flag
@OrbánZoltán I've tried that, but the solutions proposed don't worked in my case, I don't need to limit the ssh to a single application, I need them to can see the disk free space, the size of the files, to know the state of the server, so I the list of commands to allow will be huge, and the solutions proposed there only works to limit ssh to a single application. But thanks for the link,
mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.