burusftp user add
NAME
burusftp user add <username> [options] - Add user to the user database.
OPTIONS
--ftp (enabled | disabled | default)2.15.0+- Enables or disables FTP access. Default is
default- use server-wide setting.
- Enables or disables FTP access. Default is
--impersonate (on | off)- Enables or disables file system impersonation (using SFTP or SCP) when
--win-accountis set. This feature is available in Pro edition only. See User authentication for more details.
- Enables or disables file system impersonation (using SFTP or SCP) when
--keys <public_key_file1 | key1> <public_key_file2 | key2> <...>- User public key files or keys. Can be used for authentication instead of password. Also sets
key-authto required.
- User public key files or keys. Can be used for authentication instead of password. Also sets
--key-auth (enabled | disabled | required)- Enables, disables or makes public key authentication mandatory. Combine with
--password-authto enforce two-factor authentication.
- Enables, disables or makes public key authentication mandatory. Combine with
--note <note>- Sets note about user.
-p- Securely prompts for password, sets
password-authto required andpassword-auth-modetolocal.
- Securely prompts for password, sets
--password <password>- Sets password, sets
password-authto required andpassword-auth-modetolocal.
- Sets password, sets
--password-auth (enabled | disabled | required)- Enables, disables or makes password authentication mandatory. Combine with
--key-authto enforce two-factor authentication. This value defaults torequiredwhen--impersonate onis set.
- Enables, disables or makes password authentication mandatory. Combine with
--password-auth-mode (local | windowsNetwork | windowsInteractive)- Specifies how password is verified - either using local storage (in conjuction with
--passwordor-p) or using Windows authentication (--win-accountalso must be set). The two Windows options specify whetherLOGON32_LOGON_NETWORK_CLEARTEXTorLOGON32_LOGON_INTERACTIVEmethod shall be used. Default islocalwhen password is set andwindowsNetworkwhen Windows account is set. Windows authentication options are available in Pro edition only.
- Specifies how password is verified - either using local storage (in conjuction with
--password-hash (salt-first|password-first),<password hash hex>,<salt hex>- Specifies password hash and salt and password-salt order, sets
password-authto required andpassword-auth-modetolocal. Currently supported are SHA1, SHA2 and MD5 hashes. - Example:
--password-hash salt-first,0x1055d3e698d289f2af8663725127bd4b,0xa0392fed- MD5 hash (0x1055...), 4-byte salt (0xa0e392fed), hash computed as MD5(salt+password) (salt-first)
- Specifies password hash and salt and password-salt order, sets
--read-only- Read-only access
--root-dir- Root directory to be used for the user. Use path command to specify more virtual path mappings.
--shell-type (none | terminal | legacy)- Shell behavior.
none- Only minimal shell will be presented (when SCP is enabled). File system traversal is restricted to virtual path settings.legacy- Same asnone, with support for SSH aliasesterminal- Real shell will be presented (cmd.exeby default). File system traversal is only restricted by Windows access permissions. Virtual path settings are ignored.
--shell-path <path>- Path to shell executable. Only applicable for
terminalshell type. Default:%WINDIR%\System32\cmd.exe
- Path to shell executable. Only applicable for
--shell-home <path>- Home directory. Only applicable for
terminalshell type. Default:%WINDIR%\..
- Home directory. Only applicable for
--web-admin (enable | disable)- Allows user to access web administration tool (if installed)
--win-account <windows account name>- Windows account associated with the user used for Windows authentication. Also sets
password-authtorequired,password-auth-modetowindowsNetwork,impersonationtoon. This feature is available in Pro edition only.
- Windows account associated with the user used for Windows authentication. Also sets
EXAMPLES
# Add user 'guybrush' with home directory at 'C:\Users\guybrush' and password 'elaine'.
# Guybrush will use password authentication and will have access to web administration.
burusftp user add guybrush --root-dir "C:\Users\guybrush" --password "elaine" --web-admin enable
# Add user 'lechuck' with public key stored in 'C:\Users\lechuck\rsa.pub'.
# LeChuck will use public key authentication
burusftp user add lechuck --root-dir "C:\Users\lechuck" --keys "C:\Users\lechuck\rsa.pub"
# Add user 'lechuck' and with Ed25519 public key.
# LeChuck will use public key authentication.
burusftp user add lechuck --keys "ssh-ed25519 AAAAC3...wondiGXo6J"
# Add user 'elaine' using Windows account `MI\elaine` for password validation.
# This feature is available in Pro edition only.
burusftp user add elaine --root-dir "C:\Users\elaine" --win-account "MI\elaine"
SEE ALSO
path, user delete, user list, user inspect, user update
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.