sftp/scp only without real users

Thomas Güttler Lists guettliml at thomas-guettler.de
Fri Sep 1 19:11:56 AEST 2017


my goal: sftp/scp only access, without the need for linux users.

I want to provide 10 sftp/scp directories to 10 people. Let's call this 
"virtual account"

I don't want to create linux users for each of them.

I would like to create one linux user (backup_user). In his 
home-directory will be 10 directories. For each "virtual account" one 

Every virtual account must only see his own files, not the files from an 
other virtual account.

I would like to use the solution which is provided here: 

In short there will be 10 lines in the authorized_keys file:

"scp -v -r -d -t ~/CONTENT" ssh-rsa AAAAMYRSAKEY... |

I could improve this by a python script and not use the hard coded "scp 
-v ...".

I would like to support scp and sftp.

Is there a way to chroot, to ensure each virtual account can't break out 
of his jail?

BTW: The idea with authorized_keys and "forced command" is just my 
current strategy. If there is a better way to each the overall goal, 
then please tell me :-)

We are running an OpenSSH server. I would like to stick to it, if possible.

Just for the records, I asked the same question here: 


   Thomas Güttler

More information about the openssh-unix-dev mailing list