10-21-2013
So that people wont have to go through this pain:
SFTP Setup:
Edit /etc/ssh/sshd_config:
Subsystem sftp internal-sftp
Add the rule to match a group.
Match Group sftpusers
PasswordAuthentication yes
ChrootDirectory /srv/sftponly/public
AllowTCPForwarding no
X11Forwarding no
ForceCommand internal-sftp
Add the sftp group:
groupadd sftpusers
Add user:
useradd -d /srv/sftponly/public -g sftpusers -s /bin/false testuser
passwd testuser
Set permissions of directory(chroot path has to be owned by root and only have write access for root!) with whatever public folder having the correct permissions(in this case "testuser" is the public folder with chmod 300 (wx) as the permissions of the folder.
d-wx------ 2 testuser sftpuser 4096 Oct 17 21:11 /srv/sftponly/public/testuser/
Next:
root@SE01:~# chown root:root /srv ; chown root:root /srv/sftponly ; chown root:root /srv/sftponly/public; mkdir /srv/sftponly/public/testuser; chown testuser:sftpuser /svr/sftpuser/public/testuser
root@SE01:~# ls -ldt /srv/
drwxr-xr-x 3 root root 4096 Oct 7 11:10 /srv/
root@SE01:~# ls -ldt /srv/sftponly/
drwxr-xr-x 3 root root 4096 Oct 15 13:56 /srv/sftponly/
root@SE01:~# ls -ldt /srv/sftponly/public/
drwxr-xr-x 3 root root 4096 Oct 17 17:47 /srv/sftponly/public/
root@SE01:~# ls -ldt /srv/sftponly/public/sendus/
d-wx------ 2 testuser sftpuser 4096 Oct 17 21:11 /srv/sftponly/public/testuser/
Finally set the umask for the files that are being uploaded /etc/pam.d/sshd
session optional pam_umask.so umask=0400
Default Directory Permissions 777
Default File Permissions 666
To get file permission that is desired
666-266(umask)= 400 = resulting files of
--w------- 1 testuser sftpusers 5 Oct 21 14:00 blah-blah
Now, start openssh:
/etc/init.d/ssh restart
This User Gave Thanks to metallica1973 For This Post:
10 More Discussions You Might Find Interesting
1. Shell Programming and Scripting
I want to upload a text file into the database. what is the command for that?
Thanks in Advance. (1 Reply)
Discussion started by: Balkrishna
1 Replies
2. Shell Programming and Scripting
Hello All,
Is there a way to upload whole directories to a machine using sftp (scp is not an option)? I have to use sftp because the machine that I am connecting to only has SFTP abilities (uploading from a linux box to a windows box).
Currently I am automating a copy however right now I am... (2 Replies)
Discussion started by: mab623
2 Replies
3. Linux
Hi,
I am having small query and wheather it is possible ? that user can transfer the files using ftp client examples (filezilla) , but he can not use putty to login using ftp and run the commands,
Regards,
Manoj (2 Replies)
Discussion started by: manoj.solaris
2 Replies
4. Solaris
one of the business users is ftping files into unix box using user name ftp_user, where as i am using infa_user to login into same unix box. When i am trying to access those or copy over those files from upload directory it says permission denied.
Though i know the password of ftp_user to... (4 Replies)
Discussion started by: Ariean
4 Replies
5. UNIX for Dummies Questions & Answers
Hi, I am a newbie and not really familiar with commands, I have searched the forum, but there was only one thread. That thread suggested compressing it and then decompressing it. So I am wondering, what format do I compress it to, and how do I decompress it once I uploaded it from within SFTP... (4 Replies)
Discussion started by: greetea
4 Replies
6. Shell Programming and Scripting
Hi
I'm using this script to upload a file from local system to sftp server.
But in the log file i'm getting an error "Error during upload"
Can you please help me out ...
### CONFIGURATION
LOCAL_DIR=/abc/out
FILE_MASK="File*.txt"
LOG_DIR=/abc/error/File_`date "+%Y%m%d%H%M%S"`.LOG... (3 Replies)
Discussion started by: Jaychandra
3 Replies
7. Shell Programming and Scripting
I have ftp url, username and passwd.
My file is named app.log.
How do I upload this to my ftp server???
I read the manual but I didn't understand much...:cool: (4 Replies)
Discussion started by: hakermania
4 Replies
8. Shell Programming and Scripting
Is it possible to upload a file from unix server to sharepoint server through shell or perl scripting. I have the sharepoint link where it needs to be uploaded.
Could you please share your views on this ? (0 Replies)
Discussion started by: scriptscript
0 Replies
9. Shell Programming and Scripting
Hi
The below script used to work fine. Suddenly it's uploading empty file. I am very new to perl. Please help me to find out the problem.
#!/usr/bin/perl
#script: upload.pl
use CGI qw/:standard/;
print header,
start_html('File upload');
print_form();
print_results() if... (2 Replies)
Discussion started by: Anupam_Halder
2 Replies
10. Shell Programming and Scripting
Hi All,
i am using hp-ux server and doing mput command for uploading the multiple files.
below is the code
sftp hfjr@usilehrttlsd01.com
cd /home/sftp_dir
mput kk1 kk2
i am getting Uploading kk1 to /home/sftp_dir/kk2.
problem is i am getting kk2 file only not kk1 file.
when i am... (13 Replies)
Discussion started by: krupasindhu18
13 Replies
LEARN ABOUT ULTRIX
sftp-server
sftp-server(1M) System Administration Commands sftp-server(1M)
NAME
sftp-server - SFTP server subsystem
SYNOPSIS
/usr/lib/ssh/sftp-server
DESCRIPTION
sftp-server implements the server side of the SSH File Transfer Protocol as defined in the IETF draft-ietf-secsh-filexfer.
sftp-server is a subsystem for sshd(1M) and must not be run directly. There are no options or config settings.
To enable the sftp-server subsystem for sshd add the following to /etc/ssh/sshd_config:
Subsystem sftp /usr/lib/ssh/sftp-server
See sshd_config(4) for a description of the format and contents of that file.
There is no relationship between the protocol used by sftp-server and the FTP protocol (RFC 959) provided by in.ftpd.
EXIT STATUS
The following exit values are returned:
0 Successful completion.
>0 An error occurred.
FILES
/usr/lib/sftp-server
ATTRIBUTES
See attributes(5) for descriptions of the following attributes:
+-----------------------------+-----------------------------+
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
+-----------------------------+-----------------------------+
|Availability |SUNWsshdu |
+-----------------------------+-----------------------------+
|Interface Stability |Evolving |
+-----------------------------+-----------------------------+
SEE ALSO
sftp(1), ssh(1), ssh-add(1), ssh-keygen(1), sshd(1M), sshd_config(4), attributes(5)
To view license terms, attribution, and copyright for OpenSSH, the default path is /var/sadm/pkg/SUNWsshdr/install/copyright. If the
Solaris operating environment has been installed anywhere other than the default, modify the given path to access the file at the installed
location.
AUTHOR
Markus Friedl
SunOS 5.10 30 Jul 2003 sftp-server(1M)