Thursday 19 September 2024

How to restrict or limit a new Ubuntu user from accessing other folders?

1. add a new user

sudo adduser newuser


2. add user to sudo group

sudo usermod -aG sudo newuser


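3. allow the user to log in over ssh (once AllowUsers is set, only users matched by it can log in over ssh, so list existing ssh accounts there as well)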

sudo vim /etc/ssh/sshd_config

>>AllowUsers newuser


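4. add restriction to the new user (space sensitive). The sudoers manual describes subtracting commands from ALL with ! as generally not effective, so treat this list as a guard rail; a rule that lists only the commands the user needs is stronger.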

sudo visudo -f /etc/sudoers.d/newuser

>>newuser ALL=(ALL) ALL, !sudoedit, !/usr/bin/su, !/bin/su, !/bin/bash, !/bin/sh, !/usr/bin/chmod, !/usr/bin/chown, !/usr/bin/docker, !/usr/bin/passwd, !/usr/sbin/visudo


5. check the new restriction

sudo visudo -c

If it is ok, you will see the following messages printed out:

/etc/sudoers: parsed OK

/etc/sudoers.d/README: parsed OK

/etc/sudoers.d/newuser: parsed OK


6. apply folder restriction to current user folder

sudo chmod -R 700 /home/currentuser


7. reboot the machine and check the restriction

sudo reboot

After the reboot, log in as newuser. Each of the following should be refused:

cd /home/currentuser
sudo chmod -R 777 /home/currentuser
sudo docker ps
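
An added example, not part of the original post: a small lint that classifies each sudoers rule as an allowlist, unrestricted ALL, or ALL with ! exclusions (the shape of the rule in step 4, which the sudoers manual cautions against relying on). The parser is simplified (one rule per line, no aliases or continuations), and the deployer and %ops rules are constructed samples.

```shell
#!/bin/sh
# Added example: classify sudoers rules as allowlist, unrestricted ALL, or
# "ALL minus !exclusions" (the shape of the rule in step 4).
# Simplified parser: one rule per line, no aliases, no line continuations.

# Constructed sample input. The first rule is the one from step 4; the
# "deployer" and "%ops" rules are hypothetical, added for contrast.
sample_rules() {
    cat <<'EOF'
# /etc/sudoers.d sample (constructed)
newuser ALL=(ALL) ALL, !sudoedit, !/usr/bin/su, !/bin/su, !/bin/bash, !/bin/sh, !/usr/bin/chmod, !/usr/bin/chown, !/usr/bin/docker, !/usr/bin/passwd, !/usr/sbin/visudo
deployer ALL=(root) NOPASSWD: /usr/bin/systemctl restart nginx, /usr/bin/journalctl -u nginx
%ops ALL=(ALL) ALL
EOF
}

# audit_sudoers [FILE...]: reads rules from FILE(s) or stdin and prints
# "<user> <verdict> negated=<n>" for each rule line.
audit_sudoers() {
    awk '
    /^[ \t]*$/ { next }                                      # blank line
    /^[ \t]*(#|@include|Defaults|[A-Za-z]+_Alias)/ { next }  # not a user rule
    {
        user = $1
        spec = $0
        sub(/^[^=]*=[ \t]*/, "", spec)        # drop "user host ="
        sub(/^\([^)]*\)[ \t]*/, "", spec)     # drop "(runas)"
        sub(/[ \t]+$/, "", spec)              # drop trailing whitespace
        n = split(spec, cmds, /[ \t]*,[ \t]*/)
        all = 0; neg = 0
        for (i = 1; i <= n; i++) {
            c = cmds[i]
            sub(/^([A-Z]+:[ \t]*)+/, "", c)   # drop tags such as NOPASSWD:
            if (c == "ALL") all = 1
            else if (c ~ /^!/) neg++
        }
        verdict = "allowlist"
        if (all && neg) verdict = "all-minus-exclusions"
        else if (all) verdict = "unrestricted"
        printf "%s %s negated=%d\n", user, verdict, neg
    }' "$@"
}

# Demo on the constructed sample; on a real host run it as root against
# the files under /etc/sudoers.d.
sample_rules | audit_sudoers
```

Rules reported as all-minus-exclusions or unrestricted are the ones to review first; allowlist rules name every command the user may run.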

How to ssh or scp without password?

 

Method 1: Use SSH Key-Based Authentication

The most secure and recommended way is to set up SSH key-based authentication, which doesn't require you to include a password in the command.


1. Generate SSH Key Pair (if you don’t have one already):

    ssh-keygen -t rsa -b 4096

Save the key in the default location (~/.ssh/id_rsa).


2. Copy Public Key to the Remote Machine:

ssh-copy-id -p 22 username@remote_host

Replace username and remote_host with your remote machine's username and IP address or hostname.

3. Run rsync or ssh into the remote machine without a password:

rsync -avz /path/to/source/ username@remote_host:/path/to/destination/

ssh username@remote_host -p 22


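4. Change folder permission on destination folder. Mode 777 lets every local user on the remote machine read and modify the files, so use a narrower mode if only one account needs access.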

sudo chmod -R 777 destination_folder