Posted on

Script to Create a SFTP User to Access Only Home Directory – Ubuntu 12x, 14x or 16x

Following script will create a SFTP user to access only home directory (Ubuntu 12x, 14x or 16x)

This script will save password in account.txt file.

Go to your home directory

cd /home

Create a account.txt file

sudo touch account.txt

Create a shell script and paste following script

nano createsftp.sh
#!/bin/bash

####
# This script automatically creates SFTP Account and allow only access to Home Directory
#
# Author: Asuk Nath
# Date: 11/20/15
#
###

# Check user name supplied or not
if [ $# -lt 1 ]; then
echo "Please supply a username"
echo "Example: " $0 "john"
exit
fi

# Check if username already exist
if id "$1" >/dev/null 2>&1; then
 echo "Username Exists"
 echo "Use different username"
 exit
fi

# Declare local variable and generate random password for SFTP
newuser=$1
randompw=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 8 | head -n 1)

# Create new user and assign random password.
useradd $newuser
echo $newuser:$randompw | chpasswd

# Setting folder permission
echo "Please wait Applying Permission and setting Incoming folder"

mkdir /home/$newuser
chown root:root /home/$newuser
sleep 2
mkdir /home/$newuser/sftproot
sleep 2
chown $newuser:$newuser /home/$newuser/sftproot

cat <<EOF >> /etc/ssh/sshd_config
Match User $newuser
ChrootDirectory /home/$newuser/
 ForceCommand internal-sftp
 AllowTCPForwarding no
 X11Forwarding no
EOF

sleep 2
service ssh restart

# New Username and Password to account.txt

cat <<EOF >> /home/account.txt
$newuser $randompw
EOF

echo "SFTP Account:" $newuser "has been created with the password:" $randompw

Make this script executable

sudo chmod +x createsftp.sh

Command to create SFTP account

root@sftp:/home# sudo ./createsftp.sh user1
Please wait Applying Permission and setting Incoming folder
SFTP Account: user1 has been created with the password: Jtkxp0ZE

Password is also saved in account.txt file

cat account.txt
user1 6C215q3l

Delete SFTP account

root@sftp:/home# sudo deluser user1
Removing user `user1' ...
Warning: group `user1' has no more members.
Done.

Also you need to delete following lines from sshd_config file

Edit /etc/ssh/sshd_config

sudo nano /etc/ssh/sshd_config

Delete following lines

Match User user1
ChrootDirectory /home/user1/
 ForceCommand internal-sftp
 AllowTCPForwarding no
 X11Forwarding no

Delete user’s home directory

sudo rm -rf user1
Posted on

Clean Ubuntu 14x or 16x for Proxmox VE Template

Bash shell script to clean up Ubuntu for Proxmox VE Template

#!/bin/bash
# Stop rsyslog to clean up logs
service rsyslog stop

# Cleanup all logs
cat /dev/null > /var/log/audit/audit.log
cat /dev/null > /var/log/wtmp
cat /dev/null > /var/log/lastlog

#cleanup persistent udev rules
rm /etc/udev/rules.d/70-persistent-net.rules

#cleanup /tmp directories
rm -rf /tmp/*
rm -rf /var/tmp/*

#cleanup current ssh keys
rm -f /etc/ssh/ssh_host_*
sed -i -e 's|exit 0||' /etc/rc.local
sed -i -e 's|.*test -f /etc/ssh/ssh_host_dsa_key.*||' /etc/rc.local
bash -c 'echo "test -f /etc/ssh/ssh_host_dsa_key || dpkg-reconfigure openssh-server" >> /etc/rc.local'
bash -c 'echo "exit 0" >> /etc/rc.local'

# Clear hostname
cat /dev/null > /etc/hostname

# Cleanup apt
apt-get clean

#cleanup shell history
history -w
history -c

 

Posted on

Unable to SSH to Proxmox Default LXC Ubuntu 14.X and 16.X VPS

By default it’s not possible to establish a direct SSH connection to a Proxmox’s default Ubuntu 14.x or 16.x LXC VPS.

In order to SSH into a Ubuntu 14.x and 16.x LXC VPS you need to use NoVNC Console to apply following commands:

Modify /etc/ssh/sshd_config

nano /etc/ssh/sshd_config

Change Config

PermitRootLogin without-password to PermitRootLogin yes

Restart SSH Service

service ssh restart
Posted on

Unable to SSH to Proxmox Default LXC VPS Centos 7

By default it’s not possible to establish a direct SSH connection to a Proxmox’s LXC VPS.

In order to SSH into a LXC VPS you need to login to HostFav’s account and use NoVNC Console to apply following command:

Install SSH Server:

yum install openssh-server

Start SSH Service

systemctl start sshd.service

Enable Auto Start

systemctl enable sshd.service