2011/03/01

How to Add a Jailed User to the SFTP Only


*Note* These instructions work only with OpenSSH version 5.0 and newer.

Now when you create users that need to be jailed, make sure they belong to the 'sftponly' group. For the user "denis" with the password "test", you will need to do the following steps.

useradd denis
usermod -g sftponly denis
usermod -s /bin/false denis
usermod -d /home/denis denis
passwd denis

Add the User to the SSHD Config

nano /etc/ssh/sshd_config
Add the new user to the end of the list with AllowUser before their name.
Then restart sshd by running: /etc/init.d/sshd restart

To set up the jail run the following commands

chmod 755 /home/denis
chown root:root /home/denis
mkdir /home/denis/data
chown denis:sftponly /home/denis/data

No comments:

Post a Comment