I want to give someone permission to host some simple files on my Ubuntu webserver. This is for an IRC logging bot. I'd like to give them passwordless ssh/scp/rsync/sftp access. However I want to be able to restrict what they can do, I don't want to give them a full ssh shell in otherwords. I'd also like to be able to limit the amount of disk space they can take up, so they can't use more than (say) 200MB of my disk in total.
Bonus options that aren't required but might be nice: Limit what sort of files they can upload? (Mime type maybe?) Log when they upload a file? Limit their bandwidth?
What are my options?
Best Answer
On Ubuntu/Debian, you can install the
scponly
shell to restrict them to scp/sftp only. Just install the package and change their shell to/usr/bin/scponly
:The disk space problem is likely best solved with filesystem quotas. Unfortunately I have little experience with them.
If you want to get fancier (restricting filetypes and such) you'll probably need to write your own script to validate the commands being passed from the client. The simplest script would be a shell script that performs a test similar to this one:
That would allow downloading .txt files. Quick tests indicate the filename is not passed as part of the scp command when sending. So it may not be possible in that case.
The script would be set as the forced command for the user's key. (The ``command="blah"'' field in authorized_keys.) It can also be set as the "ForceCommand" option for a Match group in sshd_config, like so:
Match group scponly ForceCommand /usr/local/sbin/scpwrapper
Then add the users to be so restricted to the "scponly" group.
EDIT: By request, here's the script I use to enforce rsync-only access:
Use that script as a forced command (either by "command=" in ~/.ssh/authorized_keys or using a "Match" block in sshd_config as noted above) and it will reject everything except rsync commands. With a little tweaking it could be made to only accept specific rsync commands.