fgbreel/sshd_conf.sh

Created November 19, 2012 16:50

Star () You must be signed in to star a gist
Fork () You must be signed in to fork a gist

Learn more about clone URLs
Clone this repository at <script src="https://gist.github.com/fgbreel/4111804.js"></script>
Save fgbreel/4111804 to your computer and use it in GitHub Desktop.

Download ZIP

SFTP with OpenSSH

Raw

sshd_conf.sh

	Subsystem sftp "internal-sftp -u 0002"
	Match Group sftponly
	ChrootDirectory %h
	AllowTCPForwarding no
	X11Forwarding no
	ForceCommand internal-sftp -u 0002

frop commented Jan 21, 2016

Nice 👍

Author

fgbreel commented Jan 22, 2016

Remove from /etc/ssh/sshd_config any line containing sftp

Put the content above at the end of the file /etc/ssh/sshd_config

execute the commands below to create a group who will be matched on the rule of the snippet above, an user, and the correct directory permissions.

groupadd sftponly
useradd -s /bin/bash -G sftponly -m sftp-user
passwd sftp-user
chown root:root /home/sftp-user
mkdir /home/sftp-user/incoming && chown sftp-user /home/sftp-user/incoming

diogenes commented Jan 22, 2016

Cool thing, man! 😎

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment