Restrict users to sftp/scp only, no interactive shell

I have a web server that I allow people to access via ftp. I'd like to allow people to sftp/scp in as well, but I do not want to give them interactive shell access via ssh. RSSH to the rescue! Once installed just set the user's shell to /usr/bin/rssh and put them in the rsshusers group.
  1. yum install rssh
  2. Add /usr/bin/rssh to /etc/shells
  3. Edit /etc/rssh.conf and uncomment allowscp and allowsftp
  4. usermod -G rsshusers -s /usr/bin/rssh whatever_username
Leave A Reply
All content licensed under the Creative Commons License