Setup sftp server on debian8 (chroot)

Let’s start by:

su -
groupadd sftp_users
usermod -G sftp_users my_username

Then:

emacs /etc/ssh/sshd_config
 
# Search the line below and replace it
Subsystem sftp /usr/lib/openssh/sftp-server
# by this one
Subsystem sftp internal-sftp
 
# Now each time that a user connects from the sftp group, 
# we are gonna apply theses rules:
 
Match Group sftp_users
 X11Forwarding no
 AllowTcpForwarding no
 ChrootDirectory /home
 ForceCommand internal-sftp

Finally:

systemctl restart ssh

https://serverfault.com/questions/660160/openssh-difference-between-internal-sftp-and-sftp-server

Edit: If you need to remove a user from a group:

gpasswd -d user group

or debian includes a tool:

deluser user group

https://unix.stackexchange.com/questions/29570/how-do-i-remove-a-user-from-a-group

About Saïd

Software developer.

This entry was posted in Server, SFTP. Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *