*Note* These instructions work only with OpenSSH version 5.0 and newer.
Now when you create users that need to be jailed, make sure they belong to the 'sftponly' group. For the user "denis" with the password "test", you will need to do the following steps.
useradd denis
usermod -g sftponly denis
usermod -s /bin/false denis
usermod -d /home/denis denis
passwd denis
usermod -g sftponly denis
usermod -s /bin/false denis
usermod -d /home/denis denis
passwd denis
Add the User to the SSHD Config
nano /etc/ssh/sshd_config
Add the new user to the end of the list with AllowUser before their name.
Then restart sshd by running: /etc/init.d/sshd restart
To set up the jail run the following commands
chmod 755 /home/denis
chown root:root /home/denis
mkdir /home/denis/data
chown denis:sftponly /home/denis/data
chown root:root /home/denis
mkdir /home/denis/data
chown denis:sftponly /home/denis/data
No comments:
Post a Comment