I've got a vps running Rocky Linux 9. It's got an Nginx web server
with several sites that I'd like to allow users to manage. They use VS
Code. Currently and this is not working entirely to my satisfaction
I've got these users set up as sftp-only, while they do have accounts
n the system they are all set with a nologin shell. In sshd_config the
internal sftp server is used. If I atempt login from a second system
using one of these user's username/password combos that works, and I
can see there writable webstore area nd only that area, so the chroot
is somewhat working. I am more uncertain about permissions and
owner/group access for nginx and sshd, I don't want to give these
users' files to much permissions. I would like to turn off
PasswordAuthentication entirely and only use PublickeyAuthentication.
On the second system I've generated keypairs for a user and put them
on the server in home directory .ssh and manually set permissions.
These keys do not have a passphrase so my expected outcome is to
atempt an sftp login and the connection goes right in without
password. This doesn't happen, I keep getting a message that
PublickeyAuthentication not allowed, even though that option is set in
sshd_config and again in each user-specific block.
Lastly, once I get PublickeyAuthentication going and have disabled
PasswordAuthentication I'm going to want to hook VS Code in to this.
Currently I've got the remote ssh extension installed, but from what
I'm reading this only does ssh not sftp.
Does anyone have something similar to this setup going? If so any help