Set up SFTP on Red Hat

# Create the account that will be restricted to SFTP, then set its password
# (passwd prompts interactively). Run all of the following as root.
useradd ftprhel
passwd ftprhel

# Create the group that the sshd "Match Group" block below applies to.
groupadd sftpusers

# Make the existing user SFTP-only and place it in the chroot jail:
#   -g sftpusers      primary group matched by the sshd_config block below
#   -s /sbin/nologin  no interactive login shell
#   -d /incoming      home directory as seen from inside the chroot; on the
#                     real filesystem this is /sftp/ftprhel/incoming
usermod -g sftpusers -d /incoming -s /sbin/nologin ftprhel

# Open sshd_config to set up the sftp Subsystem.
nano /etc/ssh/sshd_config

# Comment out the existing external sftp-server line so that it reads:
#Subsystem      sftp    /usr/libexec/openssh/sftp-server

# ...and add the in-process SFTP server in its place. internal-sftp runs
# inside sshd, so no helper binary has to exist inside the chroot.
Subsystem       sftp    internal-sftp

# Confirm which sftp lines are now present in the file.
grep sftp /etc/ssh/sshd_config

# Specify the chroot directory for the group.
# Add these three lines to /etc/ssh/sshd_config. %u expands to the user name.
# Put the block at the end of the file: a Match block applies to every line
# that follows it until the next Match. ForceCommand makes members of the
# group get SFTP regardless of the command the client asks for.
# NOTE(review): consider also adding "AllowTcpForwarding no" and
# "X11Forwarding no" inside this block so the account cannot be used for
# tunnelling.
    Match Group sftpusers
        ChrootDirectory /sftp/%u
        ForceCommand internal-sftp

# Create the chroot (/sftp/ftprhel) and the upload directory inside it.
# sshd requires every component of the ChrootDirectory path to be owned by
# root and not writable by group or others, otherwise it rejects the login.
# Leave /sftp and /sftp/ftprhel owned by root.
mkdir -p /sftp/ftprhel/incoming

# Hand only the upload directory to the user; the chroot root itself stays
# root-owned.
chown ftprhel:sftpusers /sftp/ftprhel/incoming

# Restart sshd to apply the change.
# NOTE(review): run "sshd -t" first to validate the file; a syntax error in
# sshd_config can leave the host without remote access after the restart.
service sshd restart

# Test with an SFTP client (FileZilla, WinSCP, or the Linux sftp command).
# If you get this error:
#Error listing directory ‘incoming’
#Permission denied.
#Error code: 3
#Error message from server: Permission denied
#Request code: 11

# Workaround used here: "setenforce 0" does not enforce SELinux; it switches
# SELinux to permissive mode for the whole host until the next reboot.
# NOTE(review): this removes SELinux protection from every service, not just
# sshd. Prefer staying in enforcing mode and fixing the denial itself: look up
# the AVC record (ausearch -m avc), check the file context on /sftp, or enable
# the relevant boolean (ssh_chroot_rw_homedirs may be the one; confirm against
# the logged denial on your release).
setenforce 0

