
How to allow only SFTP access and no shell access.

 

Requirements:
  • Restrict the user to SFTP access
  • Disallow all SSH connections coming from the SFTP user

Lab setup details:
  • Ubuntu 16.04
  • Hostname: cyberkeeda.sftp.com

  • Create an SFTP user

Syntax Template

# adduser sftpadmin

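  • Create an SFTP folder; this folder will be used by the SFTP user.
  • Give ownership to root and give other users only read and execute rights. sshd requires the ChrootDirectory path to be owned by root and not writable by any other user or group; otherwise it refuses the login. As a result, sftpadmin cannot upload into /var/sftpdata itself; uploads need a subdirectory that the user can write to.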

Syntax Template

# mkdir /var/sftpdata
# chown root:root /var/sftpdata
# chmod 755 /var/sftpdata

  • Update the SSH server config file with the snippet below

Syntax Template

# vim /etc/ssh/sshd_config

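  • Copy and paste the snippet below at the bottom of the file and save. A Match block applies until the next Match line or the end of the file, so placing it last keeps it from capturing unrelated global settings.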

Syntax Template


Match User sftpadmin
    ForceCommand internal-sftp
    PasswordAuthentication yes
    ChrootDirectory /var/sftpdata
    PermitTunnel no
    AllowAgentForwarding no
    AllowTcpForwarding no
    X11Forwarding no

  • Restart the SSH server

Syntax Template

# systemctl restart sshd

  • Check by logging in via both sftp and ssh; the sftp login should work, while ssh should not give a shell.

Syntax Template

# sftp sftpadmin@cyberkeeda.sftp.com
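
The login test confirms the behaviour from the outside; the settings sshd actually applies to sftpadmin can also be checked on the server. The script below is an added example, not part of the original post: the helper name audit_sftp_only and the sample lines are constructed, and the 127.0.0.1 address in the commented sshd -T command is a placeholder.

```shell
# Added example. Checks `sshd -T` style output (one lowercase keyword and its
# value per line) against the Match block settings from this post.
# On the server, as root, the real input would be:
#   sshd -T -C user=sftpadmin,host=cyberkeeda.sftp.com,addr=127.0.0.1

# audit_sftp_only [chroot_dir]  (hypothetical helper name, not an OpenSSH tool)
# Prints one FAIL line per wrong setting; exit status 0 only if all match.
audit_sftp_only() {
    awk -v chroot="${1:-/var/sftpdata}" '
        BEGIN {
            want["forcecommand"]         = "internal-sftp"
            want["chrootdirectory"]      = chroot
            want["permittunnel"]         = "no"
            want["allowagentforwarding"] = "no"
            want["allowtcpforwarding"]   = "no"
            want["x11forwarding"]        = "no"
        }
        # Keep the value (everything after the keyword) for settings we audit.
        ($1 in want) { key = $1; $1 = ""; sub(/^ +/, ""); got[key] = $0 }
        END {
            bad = 0
            for (k in want) {
                v = (k in got) ? got[k] : "(unset)"
                if (v != want[k]) {
                    printf "FAIL %s: got \"%s\", want \"%s\"\n", k, v, want[k]
                    bad++
                }
            }
            exit (bad > 0)
        }'
}

# Constructed sample: effective settings when the Match block applies.
sample_matched() {
    printf '%s\n' 'port 22' 'passwordauthentication yes' \
        'forcecommand internal-sftp' 'chrootdirectory /var/sftpdata' \
        'permittunnel no' 'allowagentforwarding no' \
        'allowtcpforwarding no' 'x11forwarding no'
}

# Constructed sample: the Match block did not apply (e.g. user name typo).
sample_unmatched() {
    printf '%s\n' 'port 22' 'passwordauthentication yes' \
        'forcecommand none' 'chrootdirectory none' 'permittunnel no' \
        'allowagentforwarding yes' 'allowtcpforwarding yes' 'x11forwarding yes'
}

sample_matched   | audit_sftp_only && echo "matched: SFTP-only settings in effect"
sample_unmatched | audit_sftp_only || echo "unmatched: restrictions missing"
```

Running the commented sshd -T command before the restart also catches syntax errors in the edited file, since sshd parses the whole configuration to produce that output.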


