How to Create an SFTP User with Limited Access on Ubuntu

Since SFTP is more secure than FTP, we always prefer an SFTP setup over an FTP setup. (If you are new to SFTP, you can read about the key difference between FTP and SFTP. Others, read on.)

Restrictive SFTP User

Please note, the process below applies to Ubuntu, and I assume you have already created the site.

Let’s assume the root directory of your site is /home/client_user. So when running the commands below, change /home/client_user to your site’s root directory.

Create a New User

Now, let’s create a new user named ‘client_user’ and assign that user the /home/client_user directory as a home directory. Fire up your terminal and connect to your server. Once you are connected, the command below can be used to create the user. Make sure you replace client_user with the username you prefer and /home/client_user with the directory you want to assign to that user.

sudo useradd -d /home/client_user client_user

 (Interested in reading about other options which can be passed to useradd? If yes, then you can read through these examples.)  

Set a Password

Once the user is created, we need to set a password. To set a password for that user, execute the command below:

sudo passwd client_user 

We are ready with the new user now. It’s time to make some changes in our SSH configuration.

Restrict Access

Open the /etc/ssh/sshd_config file and append the code given below. (Remember to replace client_user with the username you have created.)

Subsystem sftp internal-sftp
Match User client_user
    ChrootDirectory %h
    AllowTCPForwarding no
    X11Forwarding no
    ForceCommand internal-sftp

%h stands for home directory.  

After making the above changes, save the file and restart the SSH service. To restart the SSH service, execute:

sudo service ssh restart 

Done! Now try logging into the system with the new user’s credentials, and check if everything is working correctly.  

One last tip: For those of you who get a ‘fatal: bad ownership or modes for chroot directory’ error, do not worry. When this issue occurs, we need to make sure that the home directory of a user is owned by root and no one else can write into that directory. So change the owner of home directory using the following commands:  
 

sudo chown root:root /home/client_user 

sudo chmod 755 /home/client_user

After changing the permissions, try it again. If it still does not work for you, do leave your comments. I will be more than happy to help you.
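
The ‘bad ownership or modes for chroot directory’ error comes from a check sshd makes at session start: per sshd_config(5), every component of the ChrootDirectory path must be a root-owned directory that is not writable by group or others. The script below is an added example, not part of the original article, that walks the path and reports the first component breaking that rule. The function names and the optional UID argument (useful for trying it on a scratch directory) are assumptions of this example, and it relies on GNU stat as shipped with Ubuntu.

```shell
#!/bin/sh
# Added example: pre-flight check for an sshd ChrootDirectory path.

# chroot_dir_ok DIR [UID]
# Succeeds if DIR is a directory owned by UID (default 0 = root) and is
# not writable by group or others. Prints the reason on failure.
chroot_dir_ok() {
    d_dir=$1 d_uid=${2:-0}
    [ -d "$d_dir" ] || { echo "$d_dir: not a directory"; return 1; }
    d_owner=$(stat -c %u "$d_dir") || return 1
    d_mode=$(stat -c %a "$d_dir") || return 1
    if [ "$d_owner" != "$d_uid" ]; then
        echo "$d_dir: owned by uid $d_owner, expected $d_uid"
        return 1
    fi
    # Octal 022 = group-write + other-write bits.
    if [ $(( 0$d_mode & 022 )) -ne 0 ]; then
        echo "$d_dir: mode $d_mode is group- or world-writable"
        return 1
    fi
}

# check_chroot_path ABSOLUTE_PATH [UID]
# Applies chroot_dir_ok to "/" and to every component down to the target,
# stopping at the first component that fails.
check_chroot_path() {
    cp_rest=$1 cp_uid=${2:-0} cp_cur=
    case $cp_rest in
        /*) ;;
        *) echo "$cp_rest: must be an absolute path"; return 1 ;;
    esac
    chroot_dir_ok / "$cp_uid" || return 1
    cp_rest=${cp_rest#/}
    while [ -n "$cp_rest" ]; do
        cp_part=${cp_rest%%/*}
        case $cp_rest in */*) cp_rest=${cp_rest#*/} ;; *) cp_rest= ;; esac
        [ -n "$cp_part" ] || continue   # skip empty parts from "//"
        cp_cur=$cp_cur/$cp_part
        chroot_dir_ok "$cp_cur" "$cp_uid" || return 1
    done
}

# Usage: sh check_chroot.sh /home/client_user
if [ $# -gt 0 ]; then
    check_chroot_path "$@" && echo "$1: acceptable as ChrootDirectory"
fi
```

Because the chroot directory itself must not be writable by the SFTP user, uploads need a subdirectory inside it that the user owns.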
