Linux - ServerThis forum is for the discussion of Linux Software used in a server related context.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Hello,
I need to set a server up for users to be able to upload files with sftp and with certificate based authentication.
The users shouldnt be able to open terminals, browse the directory structure or anything like that, only upload files to a folder and rename them to another folder when upload is complete.
how can the server be set up for this purpuse without allowing ssh and ideally with account management separate from the OS?
was looking at vsftpd but I cant figure out whether this is supported and how.
well you need to work out if you want ftp or sftp. sftp is a subsystem of ssh, and is not compatible with ftp at all. vsftpd with a chroot jail can definitely do exactly what you want, and sftp can also do what you want, but they are not the same thing. Actually, I'm not sure how easy it is to use virtual users in ssh, but it's a very standard thing with servers like vsftpd.
yes, sftp would just about exclusively provided by OpenSSH. You could authenticate from a secondary source with ssh, however it would, as I understand the architectures, it would have to be the same authentication as SSH in general, which would probably be an issue. a separate instance of ssh might suffice, but you've need to change the pam service name, which I've never looked into to know if it's feasible at all.
You need to google a bit to find them, but there are a TON of pages on how to do exactly this with different versions of OpenSSH. You do NOT need any other software, OpenSSH has all you need.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.