The goal of this configuration is the following:
- Create a user named
uploaduserthat is able to SFTP to a dedicated server to upload files to a directory at/sftp/uploads/uploaduser - The user can upload, but should be unable to download, list, or delete/overwrite files in this location or any other
- Shell (SSH) access must be disabled for the user
- The user should be able to authenticate with either a password or SSH key (if key-only auth is preferred, that's easy to update in
/etc/ssh/sshd_config) - The uploaded files should be accessible by any standard users who are added to a new group named
analysts(i.e., specified users shouldn't require superuser/sudo rights to access and manage the uploaded files)