Rebex Buru SFTP Server documentation

Usage burusftp: user-update

NAME

burusftp user update - Modifies existing user in the user database.

OPTIONS

  • --add-keys <keyfile1> <keyfile2> <...>
    • Adds public keys and sets key-auth to required when disabled before.
  • --impersonate <on | off>
    • Enables or disables file system impersonation when --win-account is set. This feature is available in Pro edition only. See User authentication for more details.
  • --key-auth <enabled | disabled | required>
    • Enables, disables or makes public key authentication mandatory. Combine with --password-auth to enforce two-factor authentication.
  • --lock [<date-time> | <interval>]
    • Locks a user - the user is not allowed to log in to the server (mutually exclusive with --unlock).
    • When date-time is specified, the user will be unlocked after the specified value. Supported date-time format is yyyy-MM-dd (e.g 2022-11-29) or "yyyy-MM-dd hh:mm:ss" (e.g 2022-11-29 15:30:45) .
    • When interval is specified, the interval is added to current date and time and the user will be unlocked after the specified value.
      • interval has to be specified as a number followed by a letter determining which date or time component should be adjusted
      • supported letters are:
        • (m)inutes
        • (h)ours
        • (d)ays
        • (M)onths
        • (y)ears
      • Combination of intervals is supported (e.g "3d 12h 45m")
  • -p, --pwd
    • Update password (will prompt for new password) and sets password-auth to required when disabled before and password-auth-mode to local.
  • --password <password>
    • Plaintext password and sets password-auth to required when disabled before and password-auth-mode to local. Not recommended as the password will be visible when entering - use -p instead.
  • --password-auth <enabled | disabled | required>
    • Enables, disables or makes password authentication mandatory. Combine with --key-auth to enforce two-factor authentication.
  • --password-auth-mode <local | windowsNetwork | windowsInteractive>
    • Specifies password authentication scheme - see user add for more details. Windows options are available in Pro edition only.
  • --readonly
    • Read-only access (mutually exclusive with readwrite).
  • --readwrite
    • Read-write access (mutually exclusive with readonly).
  • --remove-keys <pattern1> <pattern2> <...>
    • Removes existing public keys. Possible values are (part of) SHA-256 base-64 fingerprint, algorithm (e.g. rsa) or '*' for all keys. Also sets key-auth to disabled when all keys are removed.
  • --remove-pwd
    • Removes password (disables password authentication) and sets password-auth to disabled when password was in use before.
  • --remove-win-account
    • Removes Windows account associated with the user used for Windows authentication and sets password-auth to disabled when Windows authentication was in use before.
  • --set-keys <keyfile1> <keyfile2> <...>
    • Replaces existing public keys with new ones and sets key-auth to required when disabled before.
  • --shell-type (default | none | terminal | legacy)
    • Shell behavior.
    • default - Use the default shell type as specified in the global configuration
    • none - Only minimal shell will be presented (when SCP is enabled). File system traversal is restricted to virtual path settings.
    • legacy - Same as none, with support for SSH aliases
    • terminal - Real shell will be presented (cmd.exe by default). File system traversal is only restricted by Windows access permissions. Virtual path settings are ignored.
  • --shell-path <path>
    • Path to shell executable. Only applicable for terminal shell type. Use an empty value ("") to use default path as specified in the global configuration.
  • --shell-home <path>
    • Home directory. Only applicable for terminal shell type. Use an empty value ("") to use default path as specified in the global configuration.
  • --unlock
    • Unlocks a user after they were locked manually or performed too many invalid login attepmts and clears failed login count (mutually exclusive with lock).
  • --web-admin <enable | disable>
    • Allows or disallows user to access web administration tool (if installed)
  • --win-account <windows account name>
    • Windows account associated with the user used for Windows authentication, sets password-auth-mode to windowsNetwork and password-auth to required when disabled before. Also sets impersonate to on if this command sets Windows authentication as active and required. This feature is available in Pro edition only.

EXAMPLES

  • burusftp user update guybrush --password kate

    • Change password to 'kate' for user guybrush.
  • burusftp user update guybrush --set-keys C:\Users\guybrush\rsa.pub

    • Replace existing public keys for user guybrush.
  • burusftp user update guybrush --lock

    • User guybrush is not allowed log in to the server.
  • burusftp user update guybrush --lock 2022-01-31

    • User guybrush is not allowed log in to the server until the specified date.
  • burusftp user update guybrush --lock "2022-01-31 08:30:00"

    • User guybrush is not allowed log in to the server until the specified date and time.
  • burusftp user update guybrush --lock 7d

    • User guybrush is not allowed log in to the server for next 7 days.
  • burusftp user update guybrush --lock "3d 12h 45m"

    • User guybrush is not allowed log in to the server for next 3 days, 12 hours and 45 minutes.
  • burusftp user update guybrush --unlock

    • User guybrush can log in to the server after it was locked out.

SEE ALSO

user add, user list, user inspect, user delete

What next?

Download

Download fully functional free 30-day trial.

Free download

Non-commercial use

Get a free non-commercial license. It includes most of the features of Professional edition.

Get free license

Commercial use

If you use the server for anything related to business or commercial use you have to purchase a license.

Sales contact
sales@rebex.net

Buy a license

Get help

The server is completely free for personal, academy and other non-commercial use.

Technical support

support@rebex.net