What Is an SFTP Server?
Secure File Transfer Protocol (SFTP) is used to encrypt connections between clients and the FTP server. SFTP provides file access, file transfer, and file management functionality over SSH tunnels. Setting up an SFTP server that is accessed by multiple users requires you to enforce security in two directions: protecting SFTP users from external intruders, and protecting the SFTP server from other, malicious SFTP users. It also allows you to isolate individual SFTP users from one another. This post shows you how to set up an SFTP server on CentOS. This can be achieved in many different ways, but we will be using MySecureShell, which is an OpenSSH-based SFTP server. With MySecureShell you can control your SFTP server's bandwidth, administer your server via a GUI, and enforce restrictions on users by IP or group, with comprehensive logging information and more.
We will begin by installing the following –
Add the following to the end of the page –
To limit a user to a designated directory, we will make the following changes in /etc/ssh/sshd_config
You can edit the file with your preferred editor
Find line 147, Subsystem sftp /usr/libexec/openssh/sftp-server, comment it out, and add the lines below.
Add this after the commented line –
NB. The above chroots the user to a specified folder, but you could also chroot them to their home directory by replacing "ChrootDirectory /sftp/%u" with "ChrootDirectory %h".
Now we'll need to make the chrooted directory tree that this user (jack) will be locked into.
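sshd rejects a chrooted login unless every component of the ChrootDirectory path is a root-owned directory that is not writable by group or others. The check below is an added example, not part of the original post; it assumes GNU stat, and the function names and the optional owner-uid parameter are hypothetical.

```shell
#!/bin/sh
# Added example (not from the original post): pre-flight check for the
# directory named by ChrootDirectory, e.g. /sftp/jack for "/sftp/%u".
# sshd_config(5) requires every component of that path to be a root-owned
# directory that is not writable by group or others.

# check_dir DIR [OWNER_UID]: return 0 if DIR satisfies the rule.
# OWNER_UID defaults to 0; it is a parameter only so the check can be
# exercised on scratch directories without root.
check_dir() {
    dir=$1
    want_uid=${2:-0}
    [ -d "$dir" ] || { echo "FAIL $dir: not a directory" >&2; return 1; }
    # GNU stat as shipped on CentOS: %u = owner uid, %a = octal mode
    set -- $(stat -L -c '%u %a' "$dir")
    if [ "$1" != "$want_uid" ]; then
        echo "FAIL $dir: owner uid $1, expected $want_uid" >&2
        return 1
    fi
    # 022 = group-write | other-write
    if [ $(( 0$2 & 022 )) -ne 0 ]; then
        echo "FAIL $dir: mode $2 is group- or world-writable" >&2
        return 1
    fi
    echo "ok   $dir (uid $1, mode $2)"
}

# check_chroot_path PATH [OWNER_UID]: check PATH and each parent up to /.
check_chroot_path() {
    p=$1
    rc=0
    case $p in
        /*) ;;
        *) echo "FAIL $p: path must be absolute" >&2; return 2 ;;
    esac
    while :; do
        check_dir "$p" "${2:-0}" || rc=1
        [ "$p" = "/" ] && break
        p=$(dirname "$p")
    done
    return $rc
}

# Usage: sh check_chroot.sh /sftp/jack   (script name is hypothetical)
if [ $# -gt 0 ]; then
    check_chroot_path "$1"
fi
```

A FAIL on the chroot directory itself is the usual reason a user cannot log in after the change; directories the user must write to belong one level below it, owned by that user.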