33 lines
595 B
Bash
33 lines
595 B
Bash
|
#!/bin/bash
|
||
|
|
||
|
# Run this script with "(sudo) bash <filename> <args>".
|
||
|
|
||
|
# Exit on error.
|
||
|
set -e
|
||
|
|
||
|
# sftp group to create/use
|
||
|
SFTP_GROUP='sftp'
|
||
|
|
||
|
if [[ ! -z "$1" ]]; then
|
||
|
usermod -aG "$SFTP_GROUP" "$1"
|
||
|
else
|
||
|
# Add sftp group.
|
||
|
addgroup ${SFTP_GROUP:-sftp} || true
|
||
|
|
||
|
cat << EOF > /etc/ssh/sshd_config.d/sftp.conf
|
||
|
Match Group ${SFTP_GROUP:-sftp}
|
||
|
PasswordAuthentication yes
|
||
|
ChrootDirectory %h
|
||
|
X11Forwarding no
|
||
|
AllowTcpForwarding no
|
||
|
ForceCommand internal-sftp
|
||
|
|
||
|
Match all
|
||
|
EOF
|
||
|
|
||
|
systemctl restart sshd
|
||
|
|
||
|
printf 'Call this script with a user to add them to the sftp group.\n'
|
||
|
|
||
|
fi
|