How to Setup Chroot SFTP in Linux

This guide shows how to set up chroot SFTP in Linux so that users are allowed only SFTP, not SSH. I'm running the commands as the root account.
Step 1: Create the group
groupadd sftpusers
Step 2: Create the user
useradd -g sftpusers -d /home/huupv -s /sbin/nologin huupv
passwd huupv
Step 3: Set up the sftp-server Subsystem in sshd_config
vim /etc/ssh/sshd_config
Comment out the existing sftp-server line and use internal-sftp instead, as below
#Subsystem       sftp    /usr/libexec/openssh/sftp-server
Subsystem       sftp    internal-sftp
Step 4: Specify the chroot directory for the group
vim /etc/ssh/sshd_config
Add the following lines
Match Group sftpusers
        ChrootDirectory /sftp/%u
        ForceCommand internal-sftp
Step 5: Create the SFTP home directory
mkdir -p /sftp/huupv/home/huupv
Step 6: Set the appropriate permissions
chown huupv:sftpusers /sftp/huupv/home/huupv
Restart sshd to apply the configuration
service sshd restart
Test chroot SFTP
Connect to the server from a client using ssh.
ssh huupv@172.16.235.143
The output is as below
huupv@172.16.235.143's password:
This service allows sftp connections only.
Connection to 172.16.235.143 closed.
Connect to the server from a client using sftp.
sftp huupv@172.16.235.143
The output is as below
huupv@172.16.235.143's password:
Connected to 172.16.235.143.
sftp> pwd
Remote working directory: /home/huupv
sftp> ls
FT
sftp> ls /
/home/huupv
sftp> ls /root
Can't ls: "/root" not found
sftp>