Ubuntu: Create read only user and grant SSH access



Question:

I need to create read-only users and make it available for them to SSH with that user name:

  1. groupadd -g 5000 rouser

  2. useradd -u 5000 -g 5000 -md /home/rouser -c "StrongView Linux User" -s /bin/bash rouser

  3. passwd rouser

Is this enough? Do I need to add more info or edit visudo file?

I also noticed that I can log in to their accounts if I have sudo access.


Solution:1

By default, users can only write into their home directory (which they own), any location that has 777 access (/run/shm, /tmp, and a few other places), and any other location that they have user ownership. As long as the user is not in the sudo group, the user cannot modify system directories (they can access system directories and files where the o octet has the r permission).

I recommend that instead of creating a separate group, that you just create the user and place them into the users group (which I believe is by default).

Also, the reason you can log into their accounts is because you have sudo access.


Note:If u also have question or solution just comment us below or mail us on toontricks1994@gmail.com
Previous
Next Post »