Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

prevent user from deleting .ssh/authorized_keys file

Posted on 2013-11-25
4
Medium Priority
?
926 Views
Last Modified: 2013-12-19
We have setup an Ubuntu server for the purpose of provide SFTP accounts for a number of users. Each user has an account and can upload files to their respective home directories. We are using vsftpd and key pairs. The users do not have SSH access.

The issue I'm having is that I'd like to prevent users from modifying or deleting the authorized_keys file in their /home/user/.ssh directory.

Ideally, we'd prefer that they not see or modify these files and directories, all under the /home/user directory:

.bash_logout
.bashrc
.profile
.ssh

And instead, they would only access the /home/user/files directory.

Any suggestions on how to accomplish this?

Thanks.
0
Comment
Question by:TrinitySEM
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 84

Expert Comment

by:ozo
ID: 39675025
rbash
0
 
LVL 10

Accepted Solution

by:
Luxana earned 2000 total points
ID: 39675042
Hi,

make your files immutable. Check this example:

$ echo test > file1
$ cat file1 
test
$ su
Password:  
# chattr +i file1 
# exit
$ cat file1 
test
$ rm file1 
rm: remove write-protected regular file `file1'? y
rm: cannot remove `file1': Operation not permitted

Open in new window


From the above you can see that user still can read this file but will not be able to modify it or remove it.

hope this helps...
0
 

Author Comment

by:TrinitySEM
ID: 39724617
Thank you. That worked.

One issue is that I created a test file with the root user account and now that user can't delete the file. Any thoughts on how to remove?

Thanks again.
0
 
LVL 10

Expert Comment

by:Luxana
ID: 39728681
as  root change ownership of this file:

chown username.username /home/username/file
0

Featured Post

Tech or Treat! - Giveaway

Submit an article about your scariest tech experience—and the solution—and you’ll be automatically entered to win one of 4 fantastic tech gadgets.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

How many times have you wanted to quickly do the same thing to a list but found yourself typing it again and again? I first figured out a small time saver with the up arrow to recall the last command but that can only get you so far if you have a bi…
If you have a server on collocation with the super-fast CPU, that doesn't mean that you get it running at full power. Here is a preamble. When doing inventory of Linux servers, that I'm administering, I've found that some of them are running on l…
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:
Suggested Courses

610 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question