
Sunday 10 November 2013

SFTP Server Setup with a Restricted SFTP-Only Account (SFTP User Restricted to One Directory Only)

Here is a complete method to set up an SFTP server on an Ubuntu server. At the end of it you will have:

An SFTP server running on the Ubuntu machine.
An SFTP user account.
The SFTP user confined (chrooted) to one directory only.
The SFTP user unable to open an interactive SSH shell.

SFTP runs as a subsystem of SSH, so the SFTP server is simply the OpenSSH server. Install it with:

sudo apt-get install openssh-server

Edit /etc/ssh/sshd_config with your favourite editor (I use vim for this procedure; nano works just as well). Add the following at the end of the file. It really has to go at the end: every directive after a Match line applies only to the matched user until the next Match, so anything you later put below the block would silently become user-specific. UsePAM is not allowed inside a Match block, which is why it sits above it. testuser is the username of the SFTP user.

UsePAM yes
Match User testuser
ChrootDirectory %h
ForceCommand internal-sftp
X11Forwarding no
AllowTCPForwarding no

Save it and enter following commands to terminal.

To create testuser, enter the command below. The -m flag creates the home directory, /home/testuser by default; to put it somewhere else use the -d flag as well (e.g. useradd -d /home/user/myDirectory -m testuser). The home directory is what %h in ChrootDirectory resolves to.
useradd -m testuser

Add the user to the group sftp (create the group first with "groupadd sftp" if it does not exist). The group is only used further down to own the upload directory; sshd matches the account by user name, not by group. Use -a so that the user's existing supplementary groups are kept rather than replaced.
usermod -aG sftp testuser

The following command is very important. It sets the login shell of testuser; if you skip it the user gets the system default shell. /bin/false exits immediately, so the account cannot log in at a console, via su, or with an interactive SSH session even if the Match block above were ever removed. Note that with ForceCommand internal-sftp the shell is never invoked at all, so this is defence in depth rather than the mechanism that blocks SSH access, and it does not break SFTP because internal-sftp runs inside sshd without a shell.
usermod -s /bin/false testuser

Change the owner of the home directory.
NOTE: this directory is the chroot root, and sshd insists that it, and every directory above it, is owned by root and not writable by group or others; otherwise the login is refused and /var/log/auth.log shows "bad ownership or modes for chroot directory". As a consequence the user cannot write at the top level, so create a subdirectory for uploads and downloads and make the user its owner ("chown testuser:sftp /home/testuser/newDirectory").
chown root:root /home/testuser

Set the mode to 0755: read, write and execute for the owner (root), read and execute for the sftp group, read and execute for everyone else. 0750 would be accepted too; what sshd rejects is any group or other write bit.
chmod 0755 /home/testuser

To set password for testuser enter.
passwd testuser

Finally, do not forget to restart sshd so the new configuration takes effect. Check the syntax first with sshd -t: a typo in sshd_config would stop sshd from coming back up and lock you out if you are working remotely.
/etc/init.d/ssh restart
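The whole procedure above as one script, together with the check that sshd itself performs on the chroot directory. This is an added example, not part of the original post. It assumes Debian/Ubuntu paths and names (/etc/ssh/sshd_config, /home/<user>, the ssh service), GNU stat, a group called sftp, and an upload subdirectory named upload (my choice; the post only says to create a subdirectory). It also applies the Subsystem fix from the troubleshooting section below, because without it the chrooted login may fail on a stock Ubuntu sshd_config.

```sh
#!/bin/sh
# Added example (not from the original post): the setup steps as one
# idempotent script, plus the ownership/mode check sshd applies to
# ChrootDirectory before it lets the user in.
# Assumptions (mine): Debian/Ubuntu paths, GNU stat, the group "sftp"
# owning the upload directory, and an upload subdirectory called "upload".

SSHD_CONFIG=/etc/ssh/sshd_config

# Emit the per-user sshd_config fragment. It must be appended at the END of
# the file: every directive after a Match line applies only to that match
# until the next Match. UsePAM is not valid inside Match and the stock
# Ubuntu sshd_config already sets it globally, so it is left out here.
sftp_match_block() {
    cat <<EOF

Match User $1
    ChrootDirectory %h
    ForceCommand internal-sftp
    X11Forwarding no
    AllowTcpForwarding no
EOF
}

# sshd requires the chroot directory to be owned by root and writable by
# nobody else. Returns 0 if $1 satisfies that. $2 is the uid that must own
# it (0 in production; a parameter only so the check can be exercised on a
# scratch directory owned by an ordinary user).
chroot_dir_ok() {
    dir=$1
    want_uid=${2:-0}
    [ -d "$dir" ] || return 1
    uid=$(stat -c '%u' "$dir") || return 1
    mode=$(stat -c '%a' "$dir") || return 1      # e.g. 755 or 1777
    [ "$uid" = "$want_uid" ] || return 1
    # Octal digits are ... owner group other; bit 2 of a digit is "write".
    [ $(( (0$mode >> 3) & 2 )) -eq 0 ] && [ $(( 0$mode & 2 )) -eq 0 ]
}

# sshd applies the same rule to every component of the path, so /home and /
# must pass too (a chroot under the world-writable /tmp is rejected).
chroot_path_ok() {
    d=$1
    while :; do
        chroot_dir_ok "$d" "${2:-0}" || { echo "bad ownership or modes: $d" >&2; return 1; }
        [ "$d" = / ] && return 0
        d=$(dirname "$d")
    done
}

# Create the account and directory layout as in the post, switch the sftp
# subsystem to sshd's in-process server, install the Match block and
# restart sshd. Must run as root; passwd prompts interactively.
setup_sftp_user() {
    user=$1
    home=/home/$user
    getent group sftp >/dev/null || groupadd sftp
    id "$user" >/dev/null 2>&1 || useradd -m -s /bin/false -G sftp "$user"
    passwd "$user"
    # Chroot root: root-owned, no group/other write, so the user cannot
    # write here; a subdirectory owned by the user takes the uploads.
    chown root:root "$home"
    chmod 0755 "$home"
    mkdir -p "$home/upload"
    chown "$user:sftp" "$home/upload"
    chmod 0750 "$home/upload"
    chroot_path_ok "$home" 0 || return 1
    # The external /usr/lib/openssh/sftp-server (and a shell to exec it) do
    # not exist inside the chroot; internal-sftp needs nothing from it.
    sed -i 's|^[#[:space:]]*Subsystem[[:space:]][[:space:]]*sftp[[:space:]].*|Subsystem sftp internal-sftp|' "$SSHD_CONFIG"
    grep -q '^Subsystem sftp internal-sftp' "$SSHD_CONFIG" || {
        echo "no Subsystem sftp line found in $SSHD_CONFIG" >&2; return 1; }
    grep -q "^Match User $user\$" "$SSHD_CONFIG" || sftp_match_block "$user" >> "$SSHD_CONFIG"
    # Syntax-check before restarting: a broken config leaves sshd down and
    # locks out a remote administrator.
    sshd -t && service ssh restart
}

# Usage: sudo sh sftp-setup.sh apply testuser
if [ "${1:-}" = apply ]; then
    setup_sftp_user "$2"
fi
```

Running it twice is safe: the user, group and Match block are only created if absent, and the sed leaves an already-correct Subsystem line untouched. If chroot_path_ok fails, the directory it names is the one sshd would also complain about in auth.log.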

Test Your sftp setup

To test your SFTP setup over the LAN or WAN, install FileZilla on another system. Open Site Manager from the menu bar, enter the IP of your SFTP server, select SFTP as the protocol, leave the port blank (it defaults to 22), and enter the username and password of the SFTP user you created on the target machine (testuser in my case). You should land in / and see only the subdirectory you created: the chroot hides the rest of the filesystem. An interactive login attempt with ssh testuser@server should print "This service allows sftp connections only." and disconnect.



Troubleshooting:
Before testing remotely, test the newly created SFTP user on localhost with this command

sftp testuser@localhost 

and enter the password. If the password is accepted but the session ends with the error

Request for subsystem 'sftp' failed on channel 0

the sftp subsystem as configured could not start. The usual cause is the default Subsystem line, which points at the external binary /usr/lib/openssh/sftp-server; that binary, and the shell needed to exec it, do not exist inside the chroot. Comment out the existing Subsystem line in /etc/ssh/sshd_config and write this one instead, then restart sshd:
Subsystem sftp internal-sftp

internal-sftp is built into sshd and needs nothing from the chroot; it is the same server that ForceCommand internal-sftp in the Match block refers to.
 

Comments , Suggestions , Questions and Corrections are Welcome :) 




