How to Set Up Chroot SFTP in Linux
This guide sets up a chrooted SFTP account on Linux that allows only SFTP, not SSH shell logins. I'm running the commands as the root account.
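Step 1: Create the group
groupadd sftpusers

Step 2: Create the user
useradd -g sftpusers -d /home/huupv -s /sbin/nologin huupv
passwd huupv

Step 3: Set up the sftp-server Subsystem in sshd_config
vim /etc/ssh/sshd_config
Comment out the existing Subsystem line and use internal-sftp instead, so the file reads as below
#Subsystem sftp /usr/libexec/openssh/sftp-server
Subsystem sftp internal-sftp

Step 4: Specify the Chroot Directory for the Group
vim /etc/ssh/sshd_config
Add the following lines at the end of the file (a Match block applies to every directive after it, up to the next Match line or the end of the file)
Match Group sftpusers
    ChrootDirectory /sftp/%u
    ForceCommand internal-sftp

Step 5: Create the sftp Home Directory
mkdir -p /sftp/huupv/home/huupv

Step 6: Set the Appropriate Permissions
chown huupv:sftpusers /sftp/huupv/home/huupv
Leave /sftp and /sftp/huupv owned by root and not writable by group or others. sshd refuses the login if any component of the ChrootDirectory path is owned by another user or is writable by group or others.

Test chroot sftp
Restart sshd to apply the changes.
service sshd restart

To connect from the client to the server with ssh:
ssh huupv@172.16.235.143
The output is as below
huupv@172.16.235.143's password:
This service allows sftp connections only.
Connection to 172.16.235.143 closed.

To connect from the client to the server with sftp:
sftp huupv@172.16.235.143
The output is as below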
huupv@172.16.235.143's password:
Connected to 172.16.235.143.
sftp> pwd
Remote working directory: /home/huupv
sftp> ls
FT
sftp> ls /
/home/huupv
sftp> ls /root
Can't ls: "/root" not found
sftp>
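
The ownership rule that Steps 5 and 6 depend on can be checked before users hit a failed login. The script below is an added example, not part of the original post: the function names component_ok and check_chroot are hypothetical, and it assumes a stat that supports -c (GNU coreutils or BusyBox).

```shell
#!/bin/sh
# Added example: audit a ChrootDirectory path against sshd's rule that every
# component from / down to the chroot is a directory owned by root and not
# writable by group or others.
# Usage (as root on the server): check_chroot /sftp/huupv

# component_ok DIR OWNER_UID -> 0 if DIR passes, 1 otherwise (reason on stderr)
component_ok() {
    c_dir=$1; c_uid=$2
    [ -d "$c_dir" ] || { echo "FAIL $c_dir: not a directory" >&2; return 1; }
    # -L follows symlinks, so the target directory is what gets judged
    c_info=$(stat -L -c '%u %A' "$c_dir") || return 1
    c_owner=${c_info%% *}; c_perms=${c_info#* }
    if [ "$c_owner" != "$c_uid" ]; then
        echo "FAIL $c_dir: owner uid $c_owner, expected $c_uid" >&2
        return 1
    fi
    # In a mode string such as drwxrwxr-x, character 6 is the group write
    # bit and character 9 is the write bit for others.
    case $c_perms in
        ?????w*|????????w*)
            echo "FAIL $c_dir: writable by group or others ($c_perms)" >&2
            return 1 ;;
    esac
    return 0
}

# check_chroot PATH [OWNER_UID]: check PATH and each parent up to /.
# OWNER_UID defaults to 0 (root); the parameter exists only so the check can
# be exercised without root. Every failing component is reported.
check_chroot() {
    p=$1; want=${2:-0}; rc=0
    case $p in
        /*) ;;
        *) echo "FAIL $p: not an absolute path" >&2; return 1 ;;
    esac
    while :; do
        component_ok "$p" "$want" || rc=1
        [ "$p" = / ] && break
        p=$(dirname "$p")
    done
    return $rc
}
```

The user's own directory /sftp/huupv/home/huupv sits below the chroot and is not part of this check, which is why Step 6 can hand it to huupv.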