Setting up SFTP with chroot
Read Time:51 Second

Setting up SFTP with chroot

0 0
0 0

Instead of installing with VSFTPD package to configure the FTP service we can use the default SSH service and port 22 for secure file system protocol. This will secure the file transfer with added encrypted method which used in default SSH configuration.

first, add a group

# groupadd secure_ftp

Add the user to newly created Group

Note: User will not be added in Sudo, Don’t try with current user which you have logged in if so you will loose the admin privileges

# usermod -G secure_ftp sysadmin

Edit the ssh configuration

# vim /etc/ssh/sshd_config

Comment the following line to add a new line below that

#Subsystem sftp /usr/lib/openssh/sftp-server

Add this line below the Subsystem.

# Subsystem sftp internal-sftp

Append the below chroot config.

Match Group secure_ftp
x11Forwarding no
AllowTcpForwarding no
ChrootDirectory /home
ForceCommand internal-sftp

Restart the ssh service

# sudo service ssh restart

Now login from client machines

# sftp sysadmin@192.168.1.200

This will work using default ssh with the port (22).

Setting up SFTP with chroot 1

About Post Author

Babin Lonston

Overall 14+ Years of experience in the IT field, currently working as a Senior Linux administration with Virtualization & Cloud. Being numismatist for a long time.
Happy
Happy
0 %
Sad
Sad
0 %
Excited
Excited
0 %
Sleepy
Sleepy
0 %
Angry
Angry
0 %
Surprise
Surprise
0 %

Average Rating

5 Star
0%
4 Star
0%
3 Star
0%
2 Star
0%
1 Star
0%

Leave a Reply

Your email address will not be published.

Install vsftpd with SSL/TLS in Ubuntu Server 4 Previous post Install vsftpd with SSL/TLS in Ubuntu Server
Copy user files from Ubuntu or Debian servers to Amazon S3 bucket 6 Next post Copy user files from Ubuntu or Debian servers to Amazon S3 bucket

Subscribe

Subscribe To Our Newsletter

Subscribe To Our Newsletter

Join our mailing list to receive the latest news and updates from our team.

We promise not to spam you, and we don't usually send more than one email a week.

You have Successfully Subscribed!