File/Directory permissions for SFTP user

view full story

http://serverfault.com – After using the SSH quite a lot on my 1.5 week old Debian 6 VPS, I wanted to start uploading files through SFTP. I already tried that earlier, but with the root account, which isn't possible with SSH anymore due to security changes. So I've made a separate user, let's call him sftpuser for now, who belongs to the group sftp. He got a special entry in the sshd_config: Match Group sftp ChrootDirectory /var/www ForceCommand internal-sftp PasswordAuthentication yes So, he is lucky and doesn't need a keyfile to connect, but he is limited to /var/www. Well, that works, I can login (HowTos)

Submitted by u85500 on 08/10/2012 – Made popular on 08/10/2012

Login or register to post comments
Email this page

Stories similar to File/Directory permissions for SFTP user

Is there no way to preserve permissions on sftp? 50 weeks 3 days ago

Debian 6

I've setup /etc/ssh/sshd_config as such:

Subsystem sftp internal-sftp -u 0002

Match Group sftp ChrootDirectory %h ForceCommand internal-sftp -u 0002 AllowTcpForwarding no Match

I get the users home to /var/www and chown the owner to root:root.

All good. The user can access via sftp and alter subdirectories.

my version of ssh doesn't support 'Match' and 'ForceCommand'? 2 years 44 weeks ago

Hello, I am trying to implement a chroot directory for a group of sftp users who all manage a shared directory. The relevant portion of my sshd_config file is below:

Subsystem sftp internal-sftp

Match Group mygroup ChrootDirectory /foo/bar X11Forwarding no AllowTcpForwarding no ForceCommand internal-sftp

User can't SFTP after chroot 33 weeks 5 days ago

Ubuntu 10.04.4 LTS

I'm trying to chroot the user 'sam'.

OpenSSH anything like 'internal-sftp' but for SCP? 38 weeks 2 days ago

I'm running Debian stable and I'm looking to establish the following environment for users in my 'sftponly' group:

jailed can transfer with SFTP can transfer with SCP cannot login interactively with SSH

From my experimentation and research, it seems that the following stanza in sshd_config gets me 90% there:

Match group sftponly ChrootDirectory /sftp/%u X11Forwarding no AllowTcpForwarding no

chrooted SSH & SFTP user 42 weeks 4 hours ago

Hello there!Going through https://wiki.archlinux.org/index.php/SFTP-chroot and addding a new group with removed ForceCommand parameter from sshd_config still doesn't let me to log in to ssh.

Setting up a chroot sftp on debian server 31 weeks 5 days ago

I'm trying to allow a user "user" to access my server by either sftp or ssh. I want to jail them into a directory with chroot.

[ubuntu] sftp and chroot connection problems 45 weeks 4 hours ago

Hi everybody

I have a ubuntu 10.04.4 server running.

Chrooting SFTP setup for a user 18 weeks 2 days ago

I would like to ceate SFTP user and limit access to a directory. So I created user and added following in configuration

Match user joe ChrootDirectory /storage/public ForceCommand /usr/libexec/sftp-server

However, it doesn't seems I can connect to server, i got error

ssh: connect to host 11.22.33.44 port 22: Connection refused

My sftp jailed user cant see directories down the ChrootDirectory 9 weeks 2 days ago

I am triying to jail user.