Estou tentando configurar um servidor sftp usando o sftp integrado do openssh.
Subsystem sftp /usr/lib/openssh/sftp-server
e criei o usuário seguindo (mais ou menos (usando ansible), eu uso /sbin/nologin para shell e /dev/null é usado como skel) https://sftpcloud.io/learn/sftp/how-to-setup-sftp-server-on-ubuntu-22-04
mas quando tento conectar
sftp myuser@myip
Recebo o prompt e digito a senha, mas não funciona
client_loop: send disconnect: Broken pipe
Connection closed.
Connection closed
O problema é que agora o diretório inicial do usuário está cheio de lixo.
$ ls -a
snap/ .cache .local
e no syslog vejo MUITAS coisas acontecendo que parecem mais relacionadas ao login como um usuário normal (eu acho). Aqui estão algumas coisas
systemd[1]: Created slice user-1003.slice - User Slice of UID 1003.
systemd[1]: Starting [email protected] - User Runtime Directory /run/user/1003...
snapd-desktop-i[4568]: Detected new session 42 at /org/freedesktop/login1/session/_342
systemd[1]: Finished [email protected] - User Runtime Directory /run/user/1003.
systemd[1]: Starting [email protected] - User Manager for UID 1003...
systemd-xdg-autostart-generator[14091]: Exec binary 'start-pulseaudio-x11' does not exist: No such file or directory
systemd-xdg-autostart-generator[14091]: /etc/xdg/autostart/pulseaudio.desktop: not generating unit, executable specified in Exec= does not exist.
systemd[14080]: Queued start job for default target default.target.
systemd[14080]: Created slice app.slice - User Application Slice.
systemd[14080]: Created slice session.slice - User Core Session Slice.
systemd[14080]: Started ubuntu-report.path - Pending report trigger for Ubuntu Report.
systemd[14080]: Started launchpadlib-cache-clean.timer - Clean up old files in the Launchpadlib cache.
systemd[14080]: Starting gpg-agent-ssh.socket - GnuPG cryptographic agent (ssh-agent emulation)...
systemd[1]: Started [email protected] - User Manager for UID 1003.
systemd[1]: Started session-42.scope - Session 42 of User myuser.
systemd[14080]: Starting gnome-initial-setup-copy-worker.service - GNOME Initial Setup Copy Worker...
systemd[14080]: Started pipewire.service - PipeWire Multimedia Service.
systemd[14080]: Started filter-chain.service - PipeWire filter chain daemon.
systemd[14080]: Started snap.snapd-desktop-integration.snapd-desktop-integration.service - Service for snap application snapd-desktop-integration.snapd-desktop-integration.
systemd[14080]: Started wireplumber.service - Multimedia Service Session Manager.
systemd[14080]: Started pipewire-pulse.service - PipeWire PulseAudio.
systemd[14080]: Startup finished in 270ms.
systemd[14080]: Starting dbus.service - D-Bus User Message Bus...
pipewire[14099]: mod.jackdbus-detect: Failed to receive jackdbus reply: org.freedesktop.DBus.Error.ServiceUnknown: The name org.jackaudio.service was not provided by any .service files
wireplumber[14113]: SPA handle 'api.libcamera.enum.manager' could not be loaded; is it installed?
systemd[14080]: snap.snapd-desktop-integration.snapd-desktop-integration.service: Main process exited, code=exited, status=1/FAILURE
systemd[14080]: snap.snapd-desktop-integration.snapd-desktop-integration.service: Failed with result 'exit-code'.
Então, acho que o login aciona "outras coisas". Como desabilitar as coisas extras que estão acontecendo e usar apenas o SFTP? Tenho outros usuários "comuns" fazendo login no servidor que estou tentando configurar como um servidor SFTP, então preciso lidar com esses usuários SFTP de uma maneira especial. Mas como?
Eu uso o Ubuntu 24.04. Meu sshd_config diz:
UsePAM yes