Created
October 1, 2018 02:49
-
-
Save koheyamada/aa9b9786cffb0969604a7f857e4ea60e to your computer and use it in GitHub Desktop.
sftpでchrootの設定をする。 ref: https://qiita.com/kooohei/items/5cf0bb6e5c1e372fc55b
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
$ sudo mkdir /opt/chroot | |
$ sudo chown root.root /opt/chroot | |
$ sudo mkdir /opt/sftpuser | |
$ sudo chown sftpuser /opt/sftpuser/data | |
$ sudo chmod 755 /opt/sftpuser/data |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
$ sudo cp -pi /etc/ssh/sshd_confg /etc/ssh/sshd_config.bk | |
$ sudo vim /etc/ssh/sshd_config |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
$ sudo systemctl restart sshd.service | |
$ sudo systemctl status sshd.service |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
$ touch test | |
$ sftp sftpuser@localhost | |
sftp> cd data | |
sftp> put test | |
sftp> ls | |
sftp> rm test | |
sftp> ls | |
sftp> quit |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
$ sudo useradd sftpuser | |
$ sudo passwd sftpuser |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Subsystem sftp internal-sftp | |
Match User sftpuser | |
ChrootDirectory /opt/sftpuser | |
X11Forwarding no | |
AllowTcpForwarding no | |
PasswordAuthentication yes | |
ForceCommand internal-sftp |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment