1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/restic_ynh.git synced 2024-09-03 20:16:22 +02:00
restic_ynh/doc/POST_INSTALL.md
2024-07-10 20:43:40 +02:00

29 lines
829 B
Markdown

You should now allow the following public key on the target server `__SERVER__` :
- User: `__SSH_USER__`
- Public key: `__PUBLIC_KEY__`
Do so by running those commands on `__SERVER__` with user `__SSH_USER__` :
```
mkdir ~/.ssh -p
touch ~/.ssh/authorized_keys
chmod u=rw,go= ~/.ssh/authorized_keys
echo "__PUBLIC_KEY__" >> ~/.ssh/authorized_keys
```
Also make sure `__BACKUP_PATH__` exists and is writable by `__SSH_USER__`
Optional: to improve security, make sure the user can only connect through SFTP and can only access its home directory on the target server.
On Debian/Ubuntu, this is done using the following command snippet:
```
cat << EOF>> /etc/ssh/sshd_config
Match User __SSH_USER__
ChrootDirectory %h
ForceCommand internal-sftp
AllowTcpForwarding no
X11Forwarding no
EOF
systemctl restart ssh
```