33 lines
595 B
Bash
Executable File
33 lines
595 B
Bash
Executable File
#!/bin/bash
|
|
|
|
# Run this script with "(sudo) bash <filename> <args>".
|
|
|
|
# Exit on error.
|
|
set -e
|
|
|
|
# sftp group to create/use
|
|
SFTP_GROUP='sftp'
|
|
|
|
if [[ ! -z "$1" ]]; then
|
|
usermod -aG "$SFTP_GROUP" "$1"
|
|
else
|
|
# Add sftp group.
|
|
addgroup ${SFTP_GROUP:-sftp} || true
|
|
|
|
cat << EOF > /etc/ssh/sshd_config.d/sftp.conf
|
|
Match Group ${SFTP_GROUP:-sftp}
|
|
PasswordAuthentication yes
|
|
ChrootDirectory %h
|
|
X11Forwarding no
|
|
AllowTcpForwarding no
|
|
ForceCommand internal-sftp
|
|
|
|
Match all
|
|
EOF
|
|
|
|
systemctl restart sshd
|
|
|
|
printf 'Call this script with a user to add them to the sftp group.\n'
|
|
|
|
fi
|