SFTP restricted user (Debian Jessie)

Kernels & Hardware, configuring network, installing services

SFTP restricted user (Debian Jessie)

Postby yuryn » 2017-03-06 11:20

Hi,

I need to create a user who could upload files to a web root folder /var/www/mysite (Debian Jessie, Apache 2.4) via SFTP . I tried to accomplish this task in accordance with the Linode guide.

/etc/ssh/sshd_config file: Subsystem sftp internal-sftp
Match Group sftp_users ChrootDirectory %h X11Forwarding no AllowTcpForwarding no ForceCommand internal-sftp
Restart OpenSSH

$> sudo addgroup --system sftp_users
$> sudo adduser webboss
$> sudo usermod -G sftp_users webboss
$> sudo chown root:root /home/webboss
$> sudo chmod 755 /home/webboss
$> cd /home/webboss
$> sudo mkdir docs
$> sudo chown esljwebboss:sftp_users *


The Linode guide (like many others) ends as "Your users should now be able to log into their accounts via SFTP and transfer files to and from their assigned subdirectories."

But it never happened. Until I created manually a /home/webbos/.ssh folder and a authorized_keys file with my public key inside.

Is this step missed in the guide, or did I miss something?

Thank you
Last edited by yuryn on 2017-03-06 11:54, edited 1 time in total.
yuryn
 
Posts: 1
Joined: 2017-03-06 11:14

Re: SFTP restricted user (Debian Jessie)

Postby dasein » 2017-03-06 11:43

Since you are a very first time poster, you might want to remove the link to your ISP. In general, links to commercial sites are deeply frowned upon hereabouts.
User avatar
dasein
 
Posts: 7476
Joined: 2011-03-04 01:06
Location: Terra Incantationum

Re: SFTP restricted user (Debian Jessie)

Postby reinob » 2017-03-06 13:51

yuryn wrote:The Linode guide (like many others) ends as "Your users should now be able to log into their accounts via SFTP and transfer files to and from their assigned subdirectories."

But it never happened. Until I created manually a /home/webbos/.ssh folder and a authorized_keys file with my public key inside.

Is this step missed in the guide, or did I miss something?


I had a quick look at the guide and it seems to assume that the user already existed before, meaning that the authentication (password and/or key) was already set-up before restricting it to sftp.
reinob
 
Posts: 494
Joined: 2014-06-30 11:42


Return to System configuration

Who is online

Users browsing this forum: No registered users and 7 guests

fashionable