sftp_jail
- =========================Full Config SFTP=== ==== ==== ==== ====
- Specify Chroot Directory for a Group
- You want to put only certain users (i.e users who belongs to sftpusers group) in the chroot jail environment. Add the following lines at the end of /etc/ssh/sshd_config
- Match Group ntvjgroup
- ChrootDirectory %h
- X11Forwarding no
- AllowTcpForwarding no
- ForceCommand internal-sftp
- service ssh restart
- addgroup –system ntvjgroup
- useradd njuser –gid ntvjgroup –groups ntvjgroup -m –shell /bin/false
- root@ntv:/home# ls -la
- drwxr-xr-x 2 njuser ntvjgroup 4096 Jan 24 22:56 njuser
- # set password
- passwd njuser
- vi /etc/passwd
- njuser:x:1002:117::/var/www/ntvdocs/ntvjobs:/bin/false
- Setup Appropriate Permission
- root@ntv:/var/www# ls -la
- drwxr-xr-x 3 root www-data 4096 Jan 24 23:08 ntvdocs
- root@ntv:/var/www# cd ntvdocs
- root@ntv:/var/www/ntvdocs# ls -la
- drwxr-xr-x 3 root root 4096 Jan 24 23:08 ntvjobs
- root@ntv:/var/www/ntvdocs/ntvjobs# ls -la
- drwxr-xr-x 2 njuser ntvjgroup 4096 Jan 24 23:21 public_html
- root@ntv:/var/www/ntvdocs/ntvjobs# pwd
- /var/www/ntvdocs/ntvjobs
sftp_jail.txt · Last modified: 2023/03/06 11:31 by 127.0.0.1