demo
/
scm-setup
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
main
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '0867f8e023'
${ noResults }
scm-setup/sftp-server mitech.md

1.5 KiB
Raw Blame History

sftp configurstion

Steps

  1. Create a New Group

    $ groupadd mitechextusers

  2. Create Users

    # create mitechext_sw

$ useradd -g mitechextusers -d /sftp/mitechext/software/software/shared -s /sbin/nologin mitechext_sw

# change mitechext_sw password

$ passwd mitechext_sw

# verify creation

$ grep mitechext_sw /etc/passwd

  3. Setup sshd_config

$ nano /etc/ssh/sshd_config
  • Comment out Subsystem sftp /usr/libexec/openssh/sftp-server. Add the following
#Subsystem sftp /usr/libexec/openssh/sftp-server
Subsystem sftp internal-sftp

Match User mitechext_sw
  ChrootDirectory /sftp/mitechext/software
  ForceCommand internal-sftp
  1. Create sftp home directory
$ mkdir /sftp
$ mkdir /sftp/mitechext/software
$ mkdir /sftp/mitechext/software/shared

# set folder ownership
$ chown mitechext_sw:mitechextusers /sftp//mitechext/software/shared

# verify ownership
$ ls -ld /sftp//mitechext/software/shared
drwxr-xr-x 2 mitechext_sw mitechextusers 4096 Dec 28 23:49 /sftp//mitechext/software/shared

$ ls -ld /sftp//mitechext/software
drwxr-xr-x 3 root root 4096 Dec 28 23:49 /sftp/guestuser

$ ls -ld /sftp//mitechext
drwxr-xr-x 3 root root 4096 Dec 28 23:49 /sftp
  1. Restart sshd
$ service sshd restart

OR 

$ systemctl restart ssh

6 Test setup

# user should only able to access the incoming folder as root level
$ sftp mitechext_sw@127.0.0.1