Today I need to give my friend access to my server, so he can edit any files in that folder. My server is running OpenSSH and SFTP is enabled by default, actually I can create a new Linux user for him to access with SFTP. But I just want he accessing to the folder I gave him, so here I modify OpenSSH configuration to fit my need.
System details:
- Ubuntu 14.04
- Running OpenSSH
Steps:
- Add a group called sftp.
sudo addgroup sftp - Add new user with default home path, assign to sftp group and disable shell access.
sudo useradd -m -g sftp -s /bin/false username - Give a new password for the user.
sudo passwd username - Change home directory’s user and group to root.
sudo chown root:root /home/username - Change home directory’s permission
sudo chmod 755 /home/username - Go into the folder
cd /home/username - Create a new folder named www.
sudo mkdir www - Change www folder’s user and group to username.
sudo chown username:username www - This step is the core. Edit to /etc/ssh/sshd_config with the editor you used to.
sudo nano /etc/ssh/sshd_config - Add following lines to the end of /etc/ssh/sshd_config.
Match group sftpChrootDirectory %hX11Forwarding noAllowTcpForwarding noForceCommand internal-sftp# PasswordAuthentication yesEnable PasswordAuthentication by uncomment it if you enabled PubkeyAuthentication for other users in sshd_config.
- Restart ssh service. Done.
sudo /etc/init.d/ssh restart
Be First to Comment