restic_ynh/doc/POST_INSTALL.md at testing

YunoHost-Apps/restic_ynh

Fork 0

mirror of https://github.com/YunoHost-Apps/restic_ynh.git synced 2024-09-03 20:16:22 +02:00

Alexandre Aubin 23e05c4b53

Update POST_INSTALL.md

2024-07-10 20:43:40 +02:00

829 B

Raw Permalink Blame History

You should now allow the following public key on the target server __SERVER__ :

User: __SSH_USER__
Public key: __PUBLIC_KEY__

Do so by running those commands on __SERVER__ with user __SSH_USER__ :

mkdir ~/.ssh -p
touch ~/.ssh/authorized_keys
chmod u=rw,go= ~/.ssh/authorized_keys
echo "__PUBLIC_KEY__" >> ~/.ssh/authorized_keys

Also make sure __BACKUP_PATH__ exists and is writable by __SSH_USER__

Optional: to improve security, make sure the user can only connect through SFTP and can only access its home directory on the target server. On Debian/Ubuntu, this is done using the following command snippet:

cat << EOF>> /etc/ssh/sshd_config
Match User __SSH_USER__
   ChrootDirectory %h
   ForceCommand internal-sftp
   AllowTcpForwarding no
   X11Forwarding no
EOF
systemctl restart ssh

829 B Raw Permalink Blame History

829 B

Raw Permalink Blame History