Jul 16, 2012

SFTP Jails

 


If you have OpenSSH installed correctly, open a terminal, or if it’s a LAMP server, go to:


sudo nano /etc/ssh/sshd_config

Then look for the line containing: Subsystem sftp

Add a line like this: Subsystem sftp internal-sftp

Then add the following rules:

 

Match group uploaders
    ChrootDirectory %h
    X11Forwarding no
    AllowTcpForwarding no
    ForceCommand internal-sftp


 

Then restart the SSH server with the command:

/etc/init.d/ssh restart

 

When this is done, you have to create a group for the users who will have SFTP access.

addgroup uploaders

 

Next, restrict the user accounts. You may use your own restrictions, based on your needs.

usermod -G uploaders username

chown root:root /home/username

chmod 755 /home/username

 

These commands mean that users won’t be able to create directories or files directly in their home directories, because root owns them.

So now you need to create directories for each user inside their home directory.

cd /home/username

mkdir docs public_html

chown username:username *

 

Now users can transfer files to the allowed directories, which are located in their home directories.

They won’t be able to see the rest of the folders on the server.
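
sshd only accepts a ChrootDirectory when every component of the path is a root-owned directory that is not writable by group or others, which is what the chown root:root and chmod 755 steps above set up. The script below is an added example, not part of the original post: it checks that rule for a home directory. The function names are made up here, and it assumes GNU stat as found on Debian/Ubuntu.

```shell
#!/bin/sh
# Added example: audit a ChrootDirectory path before users try to log in.
# Assumptions: GNU coreutils stat (-c format); function names are illustrative.

# True when the octal mode has no group-write or other-write bit set.
mode_is_safe() {
    [ $(( 0$1 & 022 )) -eq 0 ]
}

# Walk from the given directory up to /, reporting every component that
# breaks the rule. Returns 0 only if the whole path passes.
check_chroot_path() {
    dir=$1
    rc=0
    if [ ! -d "$dir" ]; then
        echo "FAIL $dir: not a directory"
        return 1
    fi
    dir=$(cd "$dir" && pwd -P) || return 1   # resolve symlinks
    while :; do
        uid=$(stat -c %u "$dir")
        mode=$(stat -c %a "$dir")
        if [ "$uid" -ne 0 ]; then
            echo "FAIL $dir: owner uid $uid, must be root (uid 0)"
            rc=1
        fi
        if ! mode_is_safe "$mode"; then
            echo "FAIL $dir: mode $mode is writable by group or others"
            rc=1
        fi
        if [ "$dir" = / ]; then
            break
        fi
        dir=$(dirname "$dir")
    done
    return $rc
}

# Run the check when a path is given on the command line.
if [ $# -gt 0 ]; then
    check_chroot_path "$1" && echo "OK: $1 is usable as ChrootDirectory"
fi
```

Saved under a name of your choice (for example check_chroot.sh), run it as: sh check_chroot.sh /home/username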

 
