将SFTP用户限制为主目录
[英]Restricting SFTP user to home directory
问题描述
I'm trying to set up a client SFTP space on an EC2 ubuntu server, with access restricted to just that user's home directory. 
我正在尝试在EC2 ubuntu服务器上设置客户端SFTP空间,访问权限仅限于该用户的主目录。 There's only about six thousand other threads on this, and I've got most of them open in other tabs. 这个上只有大约六千个其他线程,而我大多数都在其他选项卡中打开。 It would appear to be straightforward. 这似乎很简单。
I've done: 我弄完了:
$ sudo groupadd loginsftp
$ sudo groupadd loginssh
$ sudo adduser sftpuser
$ sudo gpasswd -a sftpuser loginsftp
$ sudo chown root:root home/sftpuser
$ sudo su sftpuser
$ groups
> sftpuser loginsftp
The bottom of my /etc/ssh/sshd_config looks like: 我的/ etc / ssh / sshd_config的底部看起来像:
#Subsystem sftp /usr/lib/openssh/sftp-server
Subsystem sftp internal-sftp
UsePAM yes
Match Group loginssh
PasswordAuthentication no
Match Group loginsftp
PasswordAuthentication yes
ChrootDirectory /home/%u
X11Forwarding no
AllowTcpForwarding no
ForceCommand internal-sftp
.. and I've restarted ssh service. ..并且我已经重新启动了ssh服务。
But I don't seem to be able to restrict that user login. 但我似乎无法限制该用户登录。 I can still (from my local machine): 我仍然可以(从本地计算机上):
$ sftp sftpuser@ec2-server.amazonaws.com
sftpuser@ec2-server.amazonaws.com's password:
Connected to ec2-server.amazonaws.com.
sftp> pwd
Remote working directory: /home/sftpuser
sftp> cd /var/www
sftp> ls -la
What have I overlooked? 我忽略了什么?
1 个解决方案
解决方案1
4 2014-07-09 08:39:38
Bah. 呸。 I'm an idiot and should make sure that when I think I've restarted ssh, I have actually restarted ssh. 我是个白痴,应该确保当我认为重新启动ssh时,实际上已经重新启动ssh。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.