This section describes the method for restricting an account to SSH File Transfer Protocol
(SFTP) access only.
Create a user account based on the following example.
user { "foo":
uid => <UID>,
gid => <GID>,
shell => '/usr/libexec/openssh/sftp-server'
}
To allow your user to use the sftp-server
application as a shell, you will need to add custom shell to useradd::shells
in Hiera
as shown below.
useradd::shells:
- /usr/libexec/openssh/sftp-server