SSH/SFTP User Privileges

When you create or update an SSH user you can grant access to one or more containers or volumes. This allows you to easily use the same user across multiple containers or volumes.

Note

We made this easy, but we still recommend one user per container as best practice. Assigning multiple containers to a user increases your security risk, and will also affect the number of commands that are available to the user.

When logging in to access a Container via SSH, your session’s working environment is spawned inside a temporary container, inside which your application container’s environment gets mounted to grant you access to files, config, logs and backups. This means any changes outside of your home directory will not be persistent. However, everything stored in your user’s home directory will remain.

Single Container vs Multi Container Access

The number of commands available depends on the number of containers or volumes that your SSH / SFTP user has access to.

Attached To	Environment & Access
No Containers	Base Linux environment with basic CLI commands.
One Container	Full environment that matches your container with all CLI commands.
2+ Containers	Base Linux environment with basic CLI commands.
Volumes Only	Base Linux environment with basic CLI commands.

Redis 3 Example

Take the example of an SSH user logging into a Redis 3 container. For any user, standard commands are available (cd, ls, chown, chmod, git, etc.).

If the user is attached only to the Redis 3 container, more commands are availabe:

• redis-benchmark
• redis-check-aof
• redis-check-dump
• redis-check-dump
• redis-cli
• redis-sentinel
• redis-server

Using Your Own Binaries

Each SSH user has a special directory to store your own binaries making them available anywhere without having to specify the full path. To do so you need to download/upload your binary (or script) inside the bin directory of your user’s home directory.