1. Create a group sftp_users
# sudo groupadd sftp_users
2. Create the sftp user bunny. The home directory /home/bunny/data becomes the chroot, because ChrootDirectory %h in step 4 expands to the user's home directory.
# sudo useradd -d /home/bunny/data -G sftp_users -s /sbin/nologin bunny
3. Set a password for the user.
# sudo passwd bunny
4. Now edit the sshd config file and make the following changes.
# sudo vi /etc/ssh/sshd_config
# comment out the line below and add the internal-sftp line after it
#Subsystem sftp /usr/libexec/openssh/sftp-server
Subsystem sftp internal-sftp
# add the lines below at the end of the file
Match Group sftp_users
X11Forwarding no
AllowTcpForwarding no
ChrootDirectory %h
ForceCommand internal-sftp
5. Restart the sshd service
# sudo systemctl restart sshd
# sudo systemctl status sshd
6. Set ownership and permissions.
# sudo chmod 755 /home/bunny/data
# sudo chown root /home/bunny/data
# sudo chgrp -R sftp_users /home/bunny/data
Now try to connect with sftp and with ssh. When you try to ssh to the user account, you will see the message “The user is not allowed to make sshd connection”.
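
sshd refuses the session unless every component of the ChrootDirectory path is a root-owned directory that is not writable by group or others, so the result of step 6 is worth checking before the login test. The script below is an added example, not part of the original guide; the function names and the optional uid argument are assumptions of the example.

```shell
#!/bin/sh
# Added example: pre-flight check for a ChrootDirectory path.
# sshd_config(5): all components of the chroot path must be root-owned
# directories that are not writable by any other user or group.

# component_ok DIR UID -> 0 if DIR is a directory owned by UID with no g/o write
component_ok() {
    [ -d "$1" ] || { echo "FAIL $1: not a directory"; return 1; }
    # ls -ldn prints the mode string and the numeric owner uid
    c_meta=$(ls -ldn "$1" | awk '{print $1, $3}')
    c_mode=${c_meta% *}
    c_uid=${c_meta#* }
    [ "$c_uid" = "$2" ] || { echo "FAIL $1: owner uid $c_uid, want $2"; return 1; }
    case $c_mode in
        ?????w*)    echo "FAIL $1: group-writable ($c_mode)"; return 1 ;;
        ????????w*) echo "FAIL $1: world-writable ($c_mode)"; return 1 ;;
    esac
    echo "ok   $1 ($c_mode, uid $c_uid)"
}

# check_chroot_path DIR [UID] -> 0 only if DIR and every parent up to / pass.
# UID defaults to 0 (root); overriding it is an assumption of this example,
# there so the logic can be exercised without root.
check_chroot_path() {
    w_path=$1
    w_uid=${2:-0}
    w_rc=0
    case $w_path in
        /*) ;;
        *) echo "FAIL $w_path: not an absolute path"; return 2 ;;
    esac
    while :; do
        component_ok "$w_path" "$w_uid" || w_rc=1
        [ "$w_path" = "/" ] && break
        w_path=$(dirname "$w_path")
    done
    return "$w_rc"
}

# Usage: sh check_chroot.sh /home/bunny/data
if [ "$#" -gt 0 ]; then
    check_chroot_path "$@"
fi
```

Because the chroot root has to stay root-owned and non-writable, the user can only upload into a subdirectory inside it that the user is allowed to write to.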