SFTP Chroot Jail Configuration on CentOS/RHEL 6.x
-- This tutorial describes how to give users chrooted SSH or SFTP access on CentOS. With this setup, you can give your users shell access without having to fear that they can see your whole system. Your users will be jailed in a specific directory which they will not be able to break out of.
Step: 1. Create a New Group For SFTP Users :
# groupadd sftpusers
Step: 2. Create an SFTP User :
# mkdir /var/www/html/koushik.com
# useradd -g sftpusers -d /var/www/html/koushik.com/koushik -s /sbin/nologin koushik
# passwd koushik
Step: 3. Configure SFTP Server :
# vi /etc/ssh/sshd_config
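-- Find & Comment Out :
#Subsystem sftp /usr/libexec/openssh/sftp-server
-- Add These Lines :
Subsystem sftp internal-sftp
# Only the users listed here may log in over SSH; add every other account that still needs access
AllowUsers koushik
# User specific configuration (keep Match blocks at the end of the file; they apply until the next Match line or EOF)
Match User koushik
    ChrootDirectory /var/www/html/koushik.com
    X11Forwarding no
    AllowTcpForwarding no
    ForceCommand internal-sftp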
-- Save & Quit (:wq)
Step: 4. Restart SFTP/SSH Service :
# service sshd restart
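Step: 5. Set Permissions on the Chroot Directory :
-- sshd only accepts a ChrootDirectory that is owned by root and not writable by group or others, so the jail itself stays root-owned and the user owns the directory inside it (seen as /koushik in the SFTP session) :
# chown root:root /var/www/html/koushik.com
# chmod 755 /var/www/html/koushik.com
# chown -R koushik:sftpusers /var/www/html/koushik.com/koushik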
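-- Added example (not part of the original tutorial): sshd refuses the session with "bad ownership or modes for chroot directory" unless every component of the ChrootDirectory path is a root-owned directory with no group/other write bit. The script below repeats that check before you test the login; the function names and the optional UID argument are assumptions made for this example, and it relies on GNU stat.

```shell
#!/bin/sh
# Added example: replicate sshd's ChrootDirectory ownership/mode check.
# Assumes GNU stat (coreutils), as shipped on CentOS/RHEL.

# dir_ok DIR UID: true if DIR is a directory owned by UID and not
# writable by group or others (mode bits 022 clear).
dir_ok() {
    [ -d "$1" ] || return 1
    _st=$(stat -L -c '%u %a' "$1") || return 1
    _owner=${_st% *}
    _mode=${_st#* }
    [ "$_owner" -eq "$2" ] && [ $(( 0$_mode & 022 )) -eq 0 ]
}

# check_chroot_path PATH [UID]: apply dir_ok to PATH and every parent up to /.
# UID defaults to 0 (root), which is what sshd requires; the parameter exists
# only so the function can be exercised without root.
check_chroot_path() {
    case $1 in
        /*) ;;
        *) echo "need an absolute path: $1" >&2; return 2 ;;
    esac
    cur=$1
    want_uid=${2:-0}
    rc=0
    while :; do
        if dir_ok "$cur" "$want_uid"; then
            echo "ok    $cur"
        else
            echo "FAIL  $cur (must be a directory, owner uid $want_uid, no group/other write)"
            rc=1
        fi
        [ "$cur" = "/" ] && break
        cur=$(dirname "$cur")
    done
    return $rc
}

# Run against a path given on the command line, e.g. the jail from this page:
#   sh check_chroot.sh /var/www/html/koushik.com
if [ $# -gt 0 ]; then
    check_chroot_path "$@"
fi
```

-- Any FAIL line names a directory to fix with chown root / chmod go-w before restarting sshd.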
Step: 6. Testing SFTP Chroot Jail :
# sftp koushik@192.168.100.229
Are you sure you want to continue connecting (yes/no)? yes
koushik@192.168.100.229's password: redhat
sftp> pwd
Remote working directory: /
sftp> cd /tmp
Couldn't canonicalise: No such file or directory
sftp> cd /etc
Couldn't canonicalise: No such file or directory
sftp> mkdir test
sftp> ls
test
sftp> bye
[root@ser2 ~]#
Hi Kaushik. Brief and informative article. It helped me a lot in creating a customized chrooted environment of my own. Let's have a look at Chrooted Collaborative Directory for SFTP users in Linux.