burusftp user add
NAME
burusftp user add <username> - Add user to the user database.
OPTIONS
--impersonate (on | off)- Enables or disables file system impersonation (using SFTP or SCP) when
--win-accountis set. This feature is available in Pro edition only. See User authentication for more details.
- Enables or disables file system impersonation (using SFTP or SCP) when
--keys <public_key_file1 | key1> <public_key_file2 | key2> <...>- User public key files or keys. Can be used for authentication instead of password. Also sets
key-authto required.
- User public key files or keys. Can be used for authentication instead of password. Also sets
--key-auth (enabled | disabled | required)- Enables, disables or makes public key authentication mandatory. Combine with
--password-authto enforce two-factor authentication.
- Enables, disables or makes public key authentication mandatory. Combine with
-p- Securely prompts for password, sets
password-authto required andpassword-auth-modetolocal.
- Securely prompts for password, sets
--password <password>- Sets password, sets
password-authto required andpassword-auth-modetolocal.
- Sets password, sets
--password-auth (enabled | disabled | required)- Enables, disables or makes password authentication mandatory. Combine with
--key-authto enforce two-factor authentication. This value defaults torequiredwhen--impersonate onis set.
- Enables, disables or makes password authentication mandatory. Combine with
--password-auth-mode (local | windowsNetwork | windowsInteractive)- Specifies how password is verified - either using local storage (in conjuction with
--passwordor-p) or using Windows authentication (--win-accountalso must be set). The two Windows options specify whetherLOGON32_LOGON_NETWORK_CLEARTEXTorLOGON32_LOGON_INTERACTIVEmethod shall be used. Default islocalwhen password is set andwindowsNetworkwhen Windows account is set. Windows authentication options are available in Pro edition only.
- Specifies how password is verified - either using local storage (in conjuction with
--password-hash (salt-first|password-first),<password hash hex>,<salt hex>- Specifies password hash and salt and password-salt order, sets
password-authto required andpassword-auth-modetolocal. Currently supported are SHA1, SHA2 and MD5 hashes. - Example:
--password-hash salt-first,0x1055d3e698d289f2af8663725127bd4b,0xa0392fed- MD5 hash (0x1055...), 4-byte salt (0xa0e392fed), hash computed as MD5(salt+password) (salt-first)
- Specifies password hash and salt and password-salt order, sets
--read-only- Read-only access
--root-dir- Root directory to be used for the user. Use path command to specify more virtual path mappings.
--shell-type (none | terminal | legacy)- Shell behavior.
none- Only minimal shell will be presented (when SCP is enabled). File system traversal is restricted to virtual path settings.legacy- Same asnone, with support for SSH aliasesterminal- Real shell will be presented (cmd.exeby default). File system traversal is only restricted by Windows access permissions. Virtual path settings are ignored.
--shell-path <path>- Path to shell executable. Only applicable for
terminalshell type. Default:%WINDIR%\System32\cmd.exe
- Path to shell executable. Only applicable for
--shell-home <path>- Home directory. Only applicable for
terminalshell type. Default:%WINDIR%\..
- Home directory. Only applicable for
--web-admin (enable | disable)- Allows user to access web administration tool (if installed)
--win-account <windows account name>- Windows account associated with the user used for Windows authentication. Also sets
password-authtorequired,password-auth-modetowindowsNetwork,impersonationtoon. This feature is available in Pro edition only.
- Windows account associated with the user used for Windows authentication. Also sets
EXAMPLES
# Add user 'guybrush' with home directory at 'C:\Users\guybrush' and password 'elaine'.
# Guybrush will use password authentication and will have access to web administration.
burusftp user add guybrush --root-dir "C:\Users\guybrush" --password "elaine" --web-admin enable
# Add user 'lechuck' with public key stored in 'C:\Users\lechuck\rsa.pub'.
# LeChuck will use public key authentication
burusftp user add lechuck --root-dir "C:\Users\lechuck" --keys "C:\Users\lechuck\rsa.pub"
# Add user 'lechuck' and with Ed25519 public key.
# LeChuck will use public key authentication.
burusftp user add lechuck --keys "ssh-ed25519 AAAAC3...wondiGXo6J"
# Add user 'elaine' using Windows account `MI\elaine` for password validation.
# This feature is available in Pro edition only.
burusftp user add elaine --root-dir "C:\Users\elaine" --win-account "MI\elaine"