SFTP Server Configure

Tested with CentOS 7 & CentOS 8

Add user

Add a user named user1 with /bin/false as the login shell.

The -M option tells useradd not to create the home directory.

The SFTP server requires the home directory to be owned by root:root with 755 permissions!

useradd -s /bin/false -d /home/user1 -M user1
passwd user1

mkdir -p /home/user1/data
chown user1:user1 /home/user1/data
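A check for the ownership rule above, as an added example that is not part of the original page. It goes one step further than the text: sshd applies the same root-owned, not group/other-writable rule to every parent directory of the ChrootDirectory, so the script walks the whole path. The function names and the optional UID and TOP arguments are hypothetical, and it assumes GNU stat as shipped with CentOS.

```shell
#!/bin/sh
# Added example, not from the original page. sshd refuses a ChrootDirectory
# unless every directory on the path is owned by root and is not writable
# by group or others.

# check_dir DIR [UID]: returns 0 if DIR is a directory owned by UID
# (default 0 = root) with no group/other write bit; else prints why, returns 1.
check_dir() {
    cd_dir=$1; cd_uid=${2:-0}
    if [ ! -d "$cd_dir" ]; then
        echo "FAIL $cd_dir: not a directory"; return 1
    fi
    cd_owner=$(stat -L -c %u "$cd_dir")   # numeric owner uid
    cd_mode=$(stat -L -c %a "$cd_dir")    # octal mode, e.g. 755
    if [ "$cd_owner" != "$cd_uid" ]; then
        echo "FAIL $cd_dir: owner uid $cd_owner, expected $cd_uid"; return 1
    fi
    if [ $(( 0$cd_mode & 022 )) -ne 0 ]; then
        echo "FAIL $cd_dir: mode $cd_mode is group/other writable"; return 1
    fi
    echo "ok   $cd_dir (uid $cd_owner, mode $cd_mode)"
}

# check_chroot_path DIR [UID] [TOP]: check DIR and each parent up to TOP
# (default /). UID and TOP are hypothetical knobs for dry runs on a scratch tree.
check_chroot_path() {
    cp_path=${1%/}; cp_path=${cp_path:-/}   # drop a trailing slash
    cp_uid=${2:-0}; cp_top=${3:-/}; cp_rc=0
    while :; do
        check_dir "$cp_path" "$cp_uid" || cp_rc=1
        if [ "$cp_path" = "$cp_top" ] || [ "$cp_path" = "/" ] ||
           [ "$cp_path" = "." ]; then
            break
        fi
        cp_path=$(dirname "$cp_path")
    done
    return $cp_rc
}

# Run against a real path when one is given, e.g.: sh check.sh /home/user1/
if [ "$#" -gt 0 ]; then check_chroot_path "$@"; fi
```

The data subdirectory is deliberately not checked: it sits inside the chroot and has to be owned by user1 so uploads can be written there.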

Configure SSH

Change the Subsystem to internal-sftp in sshd_config.

mcedit /etc/ssh/sshd_config
#Subsystem  sftp    /usr/libexec/openssh/sftp-server
Subsystem   sftp    internal-sftp

This tells sshd to use the SFTP server code built into sshd instead of running the external sftp-server binary, which is now redundant and kept only for backward compatibility.

Add to the end of sshd_config:

# SFTP USERS
Match User user1
   ChrootDirectory /home/user1/
   ForceCommand internal-sftp
   X11Forwarding no
   AllowTcpForwarding no
   PasswordAuthentication yes

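Note: you can list multiple users here, separated by commas with no spaces, e.g. Match User user1,user2,user3... With more than one user, point ChrootDirectory at each user's own directory using the %u or %h token (for example /home/%u) instead of the fixed /home/user1/.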

Reload

systemctl restart sshd
