User Tools

Site Tools


sftp-config

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

sftp-config [2019/07/21 20:03] (current)
Line 1: Line 1:
 +====== SFTP access using OpenSSH ======
 +
 +In this example we are going to create SFTP access for a user named sftp_user.
 +
 +Simply create a folder for the sftp chroot jail for our sftp user, make sure it is owned by root.
 +<code bash>
 +sudo mkdir -p /​sftp/​sftp_user
 +sudo chown root:root /sftp
 +sudo chown root:root /​sftp/​sftp_user
 +</​code>​
 +
 +Add the user for SFTP access:
 +<code bash>
 +sudo adduser sftp_user --home /​sftp/​sftp_user --shell /bin/false --no-create-home
 +sudo groupadd sftp_only
 +sudo usermod -a -G sftp_only sftp_user
 +</​code>​
 +
 +Edit **/​etc/​ssh/​sshd_config**,​ find and change the Subsystem entry to look like this:
 +<​code>​
 +Subsystem sftp internal-sftp -u 0022
 +</​code>​
 +Then add the following lines at the end:
 +<​code>​
 +Match group sftp_only
 +        ForceCommand internal-sftp
 +        ChrootDirectory /sftp/%u
 +        X11Forwarding no
 +        AllowTcpForwarding no
 +</​code>​
 +
 +Restart the SSH server:
 +<code bash>
 +sudo /​etc/​init.d/​ssh restart
 +</​code>​
 +
 +That should be it :-)
 +
 +Reference:
 +[[http://​en.wikibooks.org/​wiki/​OpenSSH/​Cookbook/​SFTP|SFTP Cookbook]]
  
sftp-config.txt ยท Last modified: 2019/07/21 20:03 (external edit)