Restrict SSH User Access to Certain Directory Using Chrooted Jail

Restrict SSH User Access to Certain Directory Using Chrooted Jail

1.Create a normal user.

2.Assign home directory
/raghuraman/tmp-sftp
3.The permission for raghuraman should be 755 and it should be owned by root.root.
4.The permission for tmp-sftp 755 and it should be owned by root.root.
5.The permission for /raghuraman/tmp-sftp/data should be 700 and it should be owned by the username raghuraman.raghuraman.
6.Modify the below changes in /etc/ssh/sshd_config as mentioned below
#Subsystem sftp /usr/lib/openssh/sftp-server - comment this line and make it as mentioned below.
Subsystem sftp internal-sftp
7.To Chroot a user add the below lines in sshd_config.
Match user raghuraman
ChrootDirectory /sftpusers/raghuraman
X11Forwarding no
AllowTcpForwarding no
ForceCommand internal-sftp
8.Restart SSH Service.
9.Check and verify it by login to the user via SFTP using the below command.
 sftp -oPort=2222 raghuraman@localhost or server IP.

Comments

Post a Comment

Popular posts from this blog

How To Know Which Program To Use To Open An Unknown File Extension

How To Know Which Program To Use To Open An Unknown File Extension program is correct  to  open  a unknown extension Method 1: Use a  web service  to find the  appropriate program 1.   Double click  on the file and Select  “Use the Web Service to find the appropriate program”. This method will call a web service by  Microsoft  which lets you find out which program is suitable to open the file with  unknown extension. You can also  use this service  in another way to check which program to use for a p articular file extension http://shell.windows.com/fileassoc/0409/xml/redir.asp?EXT=txt In the above link just change the  extension txt  with any  unknown file extension  in the above link to know which program to use to open a file with that unknown extension Method 2:  Use the web-site  www.filext.com 1.  Open the site  www.filext.com  in you...
Read more

Step By Step: Install and Configure Sensu + Grafana

Image
Step By Step: Install and Configure Sensu + Grafana Written By: Santhosh Kumar, Cloud Engineer, Powerupcloud | Contributors: Logeshkumar Muruganantham, Cloud Engineer, Powerupcloud We, at Powerupcloud, extensively use  Sensu  for monitoring the 50+ client environments we manage — which are of all flavors and sizes. Together with Grafana for graphs, we found it to be a great monitoring platform. Though Sensu’s  documentation  is pretty comprehensive, we did spend some time figuring out things during the initial setup. After multiple deployments of Sensu for wide variety of environments, our engineers grew expertise with it and we thought a clear and concise set of instructions would be useful for someone starting afresh. So what follows is a step by step for - Sensu Installation and configuration Uchiwa Dashboard Setup Configure plugins, sample checks and a sensu client Graphite and Grafana installation Rendering Grafana graphs in Uchiwa Monitoring a...
Read more

Hosting a WordPress Blog with Amazon Linux

Image
Hosting a WordPress Blog with Amazon Linux Written By: Nagaraj Gurusamy, Technical Manager, Powerupcloud | Contributors: Suganya G, Cloud Support Engineer, Powerupcloud Creating a website from scratch is difficult or requires a lot of coding and design skills — but that’s no longer true!. In 2016, content management systems (CMS) like WordPress have made creating a website accessible to everyone.To put simply, a content management system (or website building platform) is a user-friendly platform for building websites and managing your own online content, instead of using a bunch of loose HTML pages. Here is a detailed instruction on how to setup a Wordpress blog website on an Amazon EC2. Prerequisites Install a LAMP Web Server on Amazon Linux to meet these prerequisites and then return to install WordPress. We strongly recommend that you associate an Elastic IP address (EIP) to the instance you are using to host a WordPress blog. This prevents the public DNS address f...
Read more