antisaWiki

User Tools

Site Tools

Trace: rundeck_add_remote_node sftp_limit_users_home_folder
wiki:sftp_limit_users_home_folder

Table of Contents

,

sftp limit users to home folder

With ssh keys (add user's public key to her home folder)

1. Add to end of /etc/ssh/sshd_config: 

#Subsystem sftp /usr/lib/openssh/sftp-server
Subsystem sftp internal-sftp -f AUTH -l VERBOSE
Match group sftp
  ForceCommand internal-sftp
  ChrootDirectory %h
  X11Forwarding no
  AllowTcpForwarding no

2. Create group: 

groupadd sftp

3. Create user and add it to the group: 

useradd -d <home holder>  -m <username> -g sftp -s /bin/false

4. Home folder for the new sftp user has to be given to root owner and have correct permissions: 

chown root:sftp <home folder>
chmod 755 <home folder>

5. 

service ssh restart

NOTE: if you need read/write access in /var/www folder, users need to be in www-data group. 

usermod -aG www-data <username>

Tested on

See also

References

wiki/sftp_limit_users_home_folder.txt · Last modified: 2022/11/01 11:10 by antisa
Except where otherwise noted, content on this wiki is licensed under the following license: CC0 1.0 Universal
CC0 1.0 Universal Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki