Create non-root SSH user account and provide access to specific folders
This tutorial guides you on how to create non-root SSH user account and provide access to specific folders only in Linux.
Create non-root SSH user account and provide access to specific folders
You should be able to create new SSH user and provide access to specific folders by running the following commands. First, execute the adduser command.
$ sudo adduser --home /home/sneppets/testdir/ --shell /bin/bash --no-create-home --ingroup sneppets demouser Adding user `demouser' ... Adding new user `demouser' (1002) with group `sneppets' ... Not creating home directory `/home/sneppets/testdir/'. New password: Retype new password: passwd: password updated successfully Changing the user information for demouser Enter the new value, or press ENTER for the default Full Name []: demo user Room Number []: Work Phone []: Home Phone []: Other []: Is the information correct? [Y/n] y
Where,
adduser is the command used to add new user.
–home is used to specify where user will be redirected to by default when they login.
–shell is to specify the shell as /bin/bash. By default it is /bin/sh if you don’t specify.
–no-create-home will not create a home directory with username as /home/demouser instead it will user the mentioned directory /home/sneppets/testdir/ which already exists.
–ingroup is to add new user to the specified group.
Finally, the last argument is the “username” of the user account which you wanted to create.
Note, if you wanted to create a group before creating non-root SSH user account, then you can run the below command.
$ sudo groupadd -f sneppets
After that, verify whether group “sneppets” is created or not.
$ groups sneppets adm dip video plugdev google-sudoers
Once user account is created and user and group information is verified as shown below.
$ sudo groups demouser demouser : sneppets
Then, follow the below section to provide read-write access for the specific folders for the user account created.
Allow user or a group read-write access to a directory
In this section let us see how to provide read-write access for the group “sneppets” where this “demouser” user belongs to. Therefore, the user would be able to perform read-write operations in the directory “/home/sneppets/testdir“.
To provide read-write access for the group to a specific folder, run the following commands.
$ pwd /home/sneppets $ ls testdir $ sudo chgrp sneppets ./testdir $ sudo chmod g+rwx ./testdir
Note, you need to execute chgrp command, so that the directoryt “testdir” will be part of group “sneppets”. Then you need to execute chmod command, so that the group “sneppets” and user “demouser” will get read-write permissions to the folder “testdir”.
To test whether the new SSH user has write access you can follow this tutorial How to connect VM using private key and SFTP in WinSCP and try to copy files under folder “testdir”.
That’s it. You had learnt how to create non-root SSH user account and how to provide access to specific folders only in Linux.
Hope it helped 🙂
- How to set or change root password in Ubuntu Linux ?
- Docker: Error response from daemon: OCI runtime create failed: container_linux.go:349
- How to find which users belongs to a specific group in linux
- Give write permissions for specific user or group for specific folder in linux
- How to unzip a zip file from Terminal (Google Cloud Shell)
- Build a Docker Image with a Dockerfile and Cloud Build in GCP?
- How to create GCP project on Google Cloud Platform
- GCP Virtual Private Cloud (VPC) Networks Fundamentals
- How to create GCP project on Google Cloud Platform
- Is it possible to change Google Cloud Platform Project ID ?
- Putty Fatal Error No supported authentication methods available
- JMeter Testing : How to run 100 Requests per second