Shulou(Shulou.com)06/01 Report--

Most people do not understand the knowledge points of this article "how to set SFTP service user directory permissions in Ubuntu", so the editor summarizes the following contents, detailed content, clear steps, and has a certain reference value. I hope you can get something after reading this article. Let's take a look at this "how to set SFTP service user directory permissions in Ubuntu" article.

Sometimes we need to restrict a Linux user so that he can only add, modify, delete in a specified directory, and can only log in to the server using sftp, not ssh. This can be achieved by configuring the sftp service.

Create a new user ui and disable ssh login

You can use the-M parameter to prohibit the creation of personal directories.

Useradd-s / sbin/nologin xiaobai / / xiaobai indicates that the new user you want to create sets the user password passwd xiaobai configuration sshd_configvim / etc/ssh/sshd_config to the following, save exit # comment out the line # Subsystem sftp / usr/libexec/openssh/sftp-server# add at the end of the configuration file Subsystem sftp internal-sftp # specify to use the sftp service to use the system's own internal-sftpMatch User xiaobai # to match the user If you want to match multiple groups, separate ChrootDirectory / var/www between groups with commas # use chroot to specify the root directory of the user, if you have permission requirements, see the note ForceCommand internal-sftp # below to specify the sftp command

PS: set directory permissions. There are two points to pay attention to when setting directory permissions:

The owner of a directory that starts all the way up to the root of the system can only be root.

You cannot have group write permission from the directory up to the root of the system.

Restart the sshd service service ssh restart # I don't know why the service sshd restart command cannot be used

The following is the process of login testing. If you cannot log in, please pay attention to the directory permission settings.

Modify directory owners and permissions

Chmod-R 755 / var/www/htmlchown-R xiaobai:xiaobai / var/www/html # directory arbitrarily specify that the www directory of the ChrootDirectory / var/www command must be root permission, the folder (or file) under www gives user permission, and the text gives xiaobai permission. . / root../ roothtml xiaobaihtml2 xiaobai above is the content of this article on "how to set SFTP service user directory permissions in Ubuntu". I believe everyone has a certain understanding. I hope the content shared by the editor will be helpful to you. If you want to learn more about the relevant knowledge, please follow the industry information channel.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.