Configurations Sftp server chroot (sftp chroot)
Note:- · need to open port or disabled iptables. · Selinux need to disabled 1. Create a New Group Create a group called sftpusers. Only users who belong to this group will be automatically restricted to the SFTP chroot environment on this system. # groupadd sftpusers 2. Create Users (or Modify Existing User) Let us say you want to create an user guestuser who should be allowed only to perform SFTP in a chroot environment, and should not be allowed to perform SSH. The following command creates guestuser, assigns this user to sftpusers group, make /incoming as the home directory, set /sbin/nologin as shell (which will not allow the user to ssh and get shell access). # useradd -g sftpusers -d /incoming -s /sbin/nologin guestuser # passwd guestuser Verify that the user got created properly. # grep guestuser /etc/passwd guestuser:x:500:500::/incoming:/sbin/nologin If you want to modify an existing user and make him an sftp user only