Requirement :- Restricted to SFTP access
- Disallow all SSH connection coming from sftp user
Lab setup details- Ubuntu 16.04
- Hostname : cyberkeeda.sftp.com
- Create a sftp user
- Restricted to SFTP access
- Disallow all SSH connection coming from sftp user
Lab setup details
- Ubuntu 16.04
- Hostname : cyberkeeda.sftp.com
- Create a sftp user
Syntax Template
# adduser sftpadmin
# adduser sftpadmin
- Create a sftp folder, this folder will be used for sftp user
- Provide ownership to root and give other users only read and execute rights.
- Create a sftp folder, this folder will be used for sftp user
- Provide ownership to root and give other users only read and execute rights.
Syntax Template
# mkdir /var/sftpdata # chown root.root /var/sftpdata
# chmod 755 /var/sftpdata
# mkdir /var/sftpdata
# chown root.root /var/sftpdata
# chmod 755 /var/sftpdata
- Update SSH server config file with below snippet
- Update SSH server config file with below snippet
Syntax Template
# vim /etc/ssh/sshd_config
# vim /etc/ssh/sshd_config
- Copy paste the below snippet at the bottom of the file and save.
- Copy paste the below snippet at the bottom of the file and save.
Syntax Template
Match User sftpadmin
ForceCommand internal-sftp
PasswordAuthentication yes
ChrootDirectory /var/sftpdata
PermitTunnel no
AllowAgentForwarding no
AllowTcpForwarding no
X11Forwarding no
- Restart SSHD server
- Restart SSHD server
Syntax Template
# systemctl restart sshd
# systemctl restart sshd
- Check by logging in via sftp and ssh both
- Check by logging in via sftp and ssh both
Syntax Template
# sftp sftpadmin@cyberkeeda.sftp.com
# sftp sftpadmin@cyberkeeda.sftp.com
No comments:
Post a Comment