Setting up an sftp & ssh server

January 9th, 2012

First things first you should do the following:

sudo apt-get install openssh-server ssh

This will install the server and the ssh daemon, you can start the server by doing:

service ssh start

You also have the following at your disposal(don’t forget to sudo if you aren’t running as root):

service ssh restart #restarts the server

service ssh reload #reloads the configuration file for the server

service ssh stop     #stops the server

service ssh status  #gives you a short description of the status of the server

Now that you have some knowledge of how to start, restart, and stop the server we are going to take a look at configuration.

sudo vim /etc/ssh/sshd_config #or nano if your lazy or whatever you normally use gedit is perfectly valid here

The first thing you’ll want to do is set it up to bind to an address (NOTE: The default is to listen on all address’s so if you have your computer in dmz(w/e its called) where your internet ip is assigned to your computer you may want to change this).

So navigate to where it says ListenAddress this tells the server what ip to listen on, your going to want to change this to (which is the loopback address ie it means it will run locally).

The default for this server is to allow ssh scp and sftp connections, you are pretty much done if you don’t mind having those options available for me I wanted to have an sftp only server so I’ll show you guys how in case you wanted to know,

Go to the very last line of your sshd_config(again as earlier mentioned its in /etc/ssh/)

Add this to the bottom:

Match Group sftponly
ChrootDirectory /home/%u
AllowTCPForwarding no
X11Forwarding no
ForceCommand internal-sftp

Then do:

sudo groupadd sftponly

Now we need to add a user to the sftponly group

sudo adduser sftpguy

sudo usermod -g sftponly sftpguy

Next we want to chown  /home/ to root

sudo chown root:root /home/

sudo mkdir /home/sftpguy #if it doesn’t exist

sudo chown sftpguy:sftponly /home/sftpguy

You should be done with your sftp server now and can now do:

sudo service ssh start

Hope this helps someone who wants to know this information :P

– acidfrost

Categories: Tutorials

Tags: , , Leave a comment

Comments Feed2 Comments

  1. “Setting up an sftp & ssh server” by AcidFrost « The Linux Purist

    [...] Setting up an sftp & ssh server by AcidFrost [...]

  2. Vassilis

    a small correction:
    sudo chown root:sftponly /home/sftpguy


Leave a comment / Setting up an sftp & ssh server . review . reviews