Shulou(Shulou.com)05/31 Report--

This article mainly explains the "Linux SFTP user rights setting conditions and implementation commands are what", the article explains the content is simple and clear, easy to learn and understand, the following please follow the editor's ideas slowly in-depth, together to study and learn "Linux SFTP user rights setting conditions and what is the implementation command" bar!

Necessary conditions:

Your version of openssh-server at least gains or loses 4.8p1, because the configuration permissions need to be completed by the new configuration item chrootdirectory added by the version.

How do I view the ssh version on my server? You can try the following command:

$ssh-v

Specific implementation steps:

1. We need to create a user group dedicated to sftp users

$groupadd sftpusers

two。 We create a user test

$useradd-s / bin/false-g sftpuser test

Notice here that we set the shell of the test user to / bin/false so that he does not have permission to log in to shell

3. Edit / etc/ssh/sshd_config

Locate the configuration item subsystem and change it to

Subsystem sftp internal-sftp

Then add configuration settings at the end of the file. Users who belong to the user group sftpusers can only access their own home folder.

Match group sftpusers

Chrootdirectory h

Forcecommand internal-sftp

Allowtcpforwarding no

Save and close the file

4. Modify the permissions of the test user's home folder so that it belongs to the root user

Chown root ~ test

5. Restart the sshd service

$service sshd restart

6. Test user account

$ssh test@localhost

The connection will be rejected or unable to log in

$sftp tesst@localhost

After logging in, you will find that your account cannot be switched to a place other than your own home directory.

Frequently asked questions:

If the following prompt appears when you link to the server:

Write failed: broken pipe

Couldn't read packet: connection reset by peer

The reason for this problem is the permission of chrootdirectory. The directory you set must be owned by the root user, otherwise there will be a problem. So make sure that the owner of the root directory of the sftp user is root, with permissions of 750 or 755.

Thank you for your reading, the above is the content of "SFTP user rights setting conditions and implementation commands under Linux". After the study of this article, I believe you have a deeper understanding of what the Linux user rights setting conditions and implementation commands are, and the specific use needs to be verified in practice. Here is, the editor will push for you more related knowledge points of the article, welcome to follow!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.