SFTP ONLY CHROOT


SFTPONLY
groupadd sftponly
useradd user2015
usermod -aG sftponly user2015
passwd user2015

vim /etc/ssh/sshd_config

Comment :

#Subsystem sftp /usr/libexec/openssh/sftp-server

Replace

Subsystem sftp internal-sftp

#Add di beris terakhir

Match Group sftponly
ChrootDirectory %h
ForceCommand internal-sftp
X11Forwarding no
AllowTcpForwarding no

sudo -u user2015 mkdir -pv /home/user2015/upload
chown root. /home/user2015
chmod 755 /home/user2015
chgrp -R sftponly /home/user2015

service sshd restart

#ACL
setfacl -R -m u:apache:rwx /home/user2015
setfacl -R -m g:apache:rwx /home/user2015

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

shisdew

Listens until think alike

moses.spaceku@yahoo.com / voip ipbx

Hosted PBX, IP-PBX SOHO/ CALL CENTER, VOICE GATEWAY, VOICE CARD, COST EFECTIVE SOLUTIONS (LCR), GSM/CDMA GATEWAY

%d bloggers like this: