Rebex Buru SFTP Server documentation

Usage burusftp: user-add

NAME

burusftp user add <username> - Add user to the user database.

OPTIONS

  • --impersonate (on | off)
    • Enables or disables file system impersonation (using SFTP or SCP) when --win-account is set. This feature is available in Pro edition only. See User authentication for more details.
  • --keys <public_key_file1> <public_key_file2> <...>
    • User public key files. Can be used for authentication instead of password. Also sets key-auth to required.
  • --key-auth (enabled | disabled | required)
    • Enables, disables or makes public key authentication mandatory. Combine with --password-auth to enforce two-factor authentication.
  • -p
    • Securely prompts for password, sets password-auth to required and password-auth-mode to local.
  • --password <password>
    • Sets password, sets password-auth to required and password-auth-mode to local.
  • --password-auth (enabled | disabled | required)
    • Enables, disables or makes password authentication mandatory. Combine with --key-auth to enforce two-factor authentication. This value defaults to required when --impersonate on is set.
  • --password-auth-mode (local | windowsNetwork | windowsInteractive)
    • Specifies how password is verified - either using local storage (in conjuction with --password or -p) or using Windows authentication (--win-account also must be set). The two Windows options specify whether LOGON32_LOGON_NETWORK_CLEARTEXT or LOGON32_LOGON_INTERACTIVE method shall be used. Default is local when password is set and windowsNetwork when Windows account is set. Windows authentication options are available in Pro edition only.
  • --password-hash (salt-first|password-first),<password hash hex>,<salt hex>
    • Specifies password hash and salt and password-salt order, sets password-auth to required and password-auth-mode to local. Currently supported are SHA1, SHA2 and MD5 hashes.
    • Example: --password-hash salt-first,0x1055d3e698d289f2af8663725127bd4b,0xa0392fed - MD5 hash (0x1055...), 4-byte salt (0xa0e392fed), hash computed as MD5(salt+password) (salt-first)
  • --read-only
    • Read-only access
  • --root-dir
    • Root directory to be used for the user. Use path command to specify more virtual path mappings.
  • --shell-type (none | terminal | legacy)
    • Shell behavior.
    • none - Only minimal shell will be presented (when SCP is enabled). File system traversal is restricted to virtual path settings.
    • legacy - Same as none, with support for SSH aliases
    • terminal - Real shell will be presented (cmd.exe by default). File system traversal is only restricted by Windows access permissions. Virtual path settings are ignored.
  • --shell-path <path>
    • Path to shell executable. Only applicable for terminal shell type. Default: %WINDIR%\System32\cmd.exe
  • --shell-home <path>
    • Home directory. Only applicable for terminal shell type. Default: %WINDIR%\..
  • --web-admin (enable | disable)
    • Allows user to access web administration tool (if installed)
  • --win-account <windows account name>
    • Windows account associated with the user used for Windows authentication. Also sets password-auth to required, password-auth-mode to windowsNetwork, impersonation to on. This feature is available in Pro edition only.

EXAMPLES

  • burusftp user add guybrush --root-dir C:\Users\guybrush --password elaine --web-admin enable

    • Add user 'guybrush' with home directory at 'C:\Users\guybrush' and password 'elaine'. Guybrush will use password authentication and will have access to web administration.
  • burusftp user add lechuck --root-dir C:\Users\lechuck --keys C:\Users\lechuck\rsa.pub

    • Add user 'lechuck' with public key stored in 'C:\Users\lechuck\rsa.pub'. Lechuck will use public key authentication
  • burusftp user add elaine --root-dir C:\Users\elaine --win-account MI\elaine

    • Add user 'elaine' using Windows account MI\elaine for password validation. This feature is available in Pro edition only.

SEE ALSO

path, user delete, user list, user inspect, user update

What next?

Download

Download fully functional free 30-day trial.

Free download

Non-commercial use

Get a free non-commercial license. It includes most of the features of Professional edition.

Get free license

Commercial use

If you use the server for anything related to business or commercial use you have to purchase a license.

Sales contact
sales@rebex.net

Buy a license

Get help

The server is completely free for personal, academy and other non-commercial use.

Technical support

support@rebex.net