Linux – Allow scp/ssh for www-data user

amazon ec2, linux, ssh, Ubuntu, users

I am on Amazon EC2 using Ubuntu 10.04.2

My web folder is owned by www-data so I want to be able to log into my server as www-data for ssh and scp.

Thanks!

Adding the line to my /etc/ssh/sshd_config does not seem to work.

AllowUsers www-data

Best Answer

On Debian, which Ubuntu is based on, the www-data user has /bin/sh as the default shell. To enable SFTP, you can create /var/www/.ssh/authorized_keys with your public key in it. The permissions on /var/www/.ssh should be 700, and the permissions on the authorized_keys file should be 600. You'll want to add the following to your http configuration to prohibit access to this directory.

<Directory /var/www/.ssh>
  Order Deny,Allow
  Deny from all
</Directory>

You can verify the www-data user's settings (home dir, shell, etc.) using getent passwd www-data.

Make sure your sshd_config has Subsystem sftp /usr/lib/openssh/sftp-server, and you'll probably want to set PasswordAuthentication no also.
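
One way to check the settings listed in the answer above, as an added example that is not part of the original answer. The function names are hypothetical, it relies on GNU stat as shipped on Ubuntu, and the sshd_config parsing is simplified (it ignores Match blocks and user@host patterns in AllowUsers).

```shell
#!/bin/sh
# Added example: audit the key-based SFTP setup described in the answer.

# check_key_perms DIR OWNER
# DIR must be mode 700 and DIR/authorized_keys mode 600, both owned by OWNER.
# With StrictModes (on by default) sshd ignores keys that others can write to.
check_key_perms() {
    dir=$1 owner=$2 rc=0
    for spec in "$dir:700" "$dir/authorized_keys:600"; do
        p=${spec%:*} want=${spec##*:}
        if [ ! -e "$p" ]; then
            echo "MISSING $p"; rc=1; continue
        fi
        got=$(stat -c '%a %U' "$p")
        if [ "$got" != "$want $owner" ]; then
            echo "BAD $p: have '$got', want '$want $owner'"; rc=1
        fi
    done
    return $rc
}

# sshd_value FILE KEYWORD
# Print the first uncommented value of KEYWORD. Keywords are case-insensitive
# and sshd keeps the first value it reads for each keyword.
sshd_value() {
    awk -v k="$2" 'tolower($1) == tolower(k) {
        $1 = ""; sub(/^ +/, ""); print; exit }' "$1"
}

# check_sshd_config FILE USER
# Requires a "Subsystem sftp" line and "PasswordAuthentication no". If an
# AllowUsers line exists it must list USER, because AllowUsers denies login
# to every account it does not name.
check_sshd_config() {
    cfg=$1 user=$2 rc=0
    awk 'tolower($1) == "subsystem" && $2 == "sftp" { found = 1 }
         END { exit !found }' "$cfg" \
        || { echo "no 'Subsystem sftp' line"; rc=1; }
    [ "$(sshd_value "$cfg" PasswordAuthentication)" = "no" ] \
        || { echo "PasswordAuthentication is not 'no'"; rc=1; }
    allow=$(sshd_value "$cfg" AllowUsers)
    case " $allow " in
        "  "|*" $user "*) ;;   # AllowUsers absent, or USER is listed
        *) echo "AllowUsers is set and omits $user"; rc=1 ;;
    esac
    return $rc
}
```

Run as root on the server it would be called as check_key_perms /var/www/.ssh www-data and check_sshd_config /etc/ssh/sshd_config www-data; each prints what is wrong and returns non-zero on any finding.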
