SFTP Setup:
/etc/ssh/sshd_config:
Subsystem sftp internal-sftp
Match Group sftpusers
PasswordAuthentication yes
ChrootDirectory /srv/sftponly
AllowTCPForwarding no
X11Forwarding no
ForceCommand internal-sftp
Adding the sftp group:
groupadd sftpusers
Creating the only account for SFTP Access
useradd -d /srv/sftponly -g sftpusers -s /bin/false sftpuser
passwd sftpuser
Restart openssh:
/etc/init.d/ssh restart
Setting Permission for the directory
chown root:root /srv ; chown root:root /srv/sftponly ; chmod 755 /srv ; chmod 755 /srv/sftponly
Making a Public Directory:
mkdir /srv/sftponly/public
chown sftpuser:sftpusers /srv/sftponly/public/
chmod 333 /srv/sftponly/public/
ls -ltd
d-wx-wx-wx 2 sftpuser sftpusers 4096 Oct 15 14:51 /srv/sftponly/public/ref
https://www.unix.com/unix-for-advanced-and-expert-users/238265-sftp-resticting-only-uploading-file.html
No comments:
Post a Comment
Terima kasih