scp with system user?

0

I have a user that was created this way:

sudo adduser --system --home=/opt/someone --group someone

This user does not have login, but when I login to server with my own user, I can change to that user using sudo su - someone -s /bin/bash. And it is OK.

But sometimes I need to transfer files remotely to someone user home directory, but I can't use that user because it does not have a login. The long way is to scp files to my own home directory, then login with my own user, then change to someone and copy those files from my home directory to someone home directory. But that is very annoying to do it.

Maybe there is some better alternative where I could directly scp files using someone user?

Andrius

Posted 2015-04-13T08:44:17.210

Reputation: 477

what do you mean by This user does not have login? does adduser not add to the /etc/passwd file? did you try giving the added user a random string password? – Skaperen – 2015-04-13T08:53:48.507

@Skaperen "This is a “system” user. It is there to own and run the application, it isn’t supposed to be a person type user with a login etc. In Ubuntu, a system user gets a UID below 1000, has no shell (it’s actually /bin/false) and has logins disabled" at least thats what I read. – Andrius – 2015-04-13T09:34:43.930

So if you want to log in as that user, give it a password and a shell and create its home directory. – Bandrami – 2015-04-13T09:36:22.940

Answers

0

It is possible to add users with a shell that will only allow utilities such as scp, rsync and other nice utilities: rssh

I used it on my webhosting service way back, and it did the trick. Users were unable to log in and get a shell, but they were still able to upload stuff properly.

Add them as normal users, but give them rssh as a shell with chsh, and you're good. That way, you can easily upload files as their users, or let them upload themselves.

Jarmund

Posted 2015-04-13T08:44:17.210

Reputation: 5 155

Can you provide rssh.conf example how to configure it so that no login user could scp to his owned directory? – Andrius – 2015-04-13T13:52:38.883

@Andrius I haven't used it in ages, but if I remember correctly, no configuration is required, as that's what it does by default. Just make sure that the users in question has rssh set as their shell, instead of nologin. You can check (or even change) this directly in /etc/passwd – Jarmund – 2015-04-13T15:33:34.363

Asked: 2015-04-13T08:44:17.210

Viewed: 451 times

Active: 2015-04-13T09:52:14.617