I want to use ssh for my_webapp along with sftp. How can I achieve it?
I needed lot of commands that was required under chroot jail along with ssh support. So I installed debootstrap and installed debian stable version inside chroot folder that is my_webapp__1. This way a virtual envirnment was created for the development of the app completely away from the yunohost. Here are the steps I followed. If some thing can be improved or can be done in better way, please don’t hesitate to improve this.
Install my_webapp on yunohost.
# yunohost app install https://github.com/YunoHost-Apps/my_webapp_ynh/
Remove force sftp for the app from ssh
# nano /etc/ssh/sshd_config
ForceCommand internal-sftpfrom the my_webapp__1 or the what ever your my_webapp instance no. is.
Allow the user to have ssh permission by adding the line
# service ssh restart
Install debootstrap Read more about chroot and debootstrap here
# apt-get install debootstrap
Install the choice of os in chroot directory.
# debootstrap stable /var/www/my_webapp__1 http://deb.debian.org/debian/
You can login to the root of the new installed os by chroot
# chroot /var/www/my_webapp__1
Install the required packages like ssh,sudo
# apt-get install ssh sudo
Exit the chroot
The uid of users should be same of both users in the real os and the chroot os. So we put the real os uid of the my_webapp__1 user to the chroot my_webapp__1 after creating it.
Check the uid of the my_webapp__1 and copy it.
Again login to chroot directory by step 7 and create a user my_webapp__1 in chroot OS.
# adduser my_webapp__1
Give it the same password as real OS user.
Make the udi of the real os same with the chroot os by coping the uid of real os to chroot os.
Copy the uid to the my_webapp__2
Now you can ssh to the chroot folder with the my_webapp__1 user.
$ ssh firstname.lastname@example.org
Enter password and you will be in the shell as my_webapp__1 user of chroot os.
Sometimes the my_webapp__1 will require root privileges. For this either you can give my_webapp__2 as root privileges or login as root by su. Other way is giving user privilege to run sudo without password and with root access by editing /etc/sudoers.
Login to the chroot root by step 7 again and add the user to have sudo privieges.
# nano /etc/sudoers
Add this line under Allow members of group sudo to execute any command
my_webapp__1 ALL=(ALL) NOPASSWD: ALL
Now you can ssh to the chroot by ssh email@example.com and run any command which require by sudo.
Thank you for your solution
I have a similar need (use command from ssh remote on my_webapp) without virtual env.
But i followed your tutorial without success… when ssh connect, my $ ssh are automaticaly closed after login
have you an idea ?