Michael Lazin on 6 Aug 2015 13:24:13 -0700 |
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
Re: [PLUG] Setting SFTP restrictions to download only, but only for certain users |
On Thu, Aug 6, 2015 at 3:24 PM, Michael Lazin <microlaser@gmail.com> wrote:
> The .ftpaccess is recursive, so if you put it on a directory that's served
> up on the web it will effect directories beneath it.
Hmm! So if I made a folder structure like - /Project/<userA>,
/Project/<userB> - and put this .ftpaccess file in /Project, then it
applies to ~/<userA>, etc. Useful!
> I tested this by
> putting it in a user's public_html directory on a debian server and
> attempting to transfer a file as that user via scp. I got permission
> denied. I have used ftp access files many times to limit ftp users rights
> but was unsure if it worked with scp too. Apparently it does. It does not
> prevent the user from connecting via ssh and deleting it however, unless it
> belonged to root or another user or group they don't have rights to.
Hrm. There's an issue - apparently we'd prefer them NOT to be able to
delete the files, either. We put the file; they read (i.e., download)
it; we come back and delete it.
Lather, rinse, repeat.
I may need to set the perms on each file I put out there to be
read-only for that user, and read-write for the group I am logged in
with.
___________________________________________________________________________
Philadelphia Linux Users Group -- http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug
___________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug