Skip to content

Instantly share code, notes, and snippets.

@alexalouit

alexalouit/README.txt

Last active Apr 11, 2020
Embed
What would you like to do?
built-in sftp chrooted sftp
user1,user2 no password login
user3 both
classical $home/.ssh usage
$home must be root owned
only $home/subdirs as chrooted-user could be writeable
note: recent openssh server require password (random it)
#/etc/group
sftp:x:4099:user1,user2
#/etc/passwd
user1:x:4000:4099:user1:/sftp/user1:/bin/false
user2:x:4001:4099:user2:/sftp/user2:/bin/false
user3:$xxxxxxxx/:4002:4099:user3:/sftp/user3:/bin/false
#/etc/ssh/sshd_config
Subsystem sftp internal-sftp
Match Group sftp
ForceCommand internal-sftp
ChrootDirectory %h
AllowTcpForwarding no
PermitTunnel no
X11Forwarding no
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment