Get full access to Mastering Bash and 60K+ other titles, with a free 10-day trial of O'Reilly.

There are also live events, courses curated by job role, and more.

Restricted sftp sessions with OpenSSH

Using OpenSSH, everything can be easily done with five configuration lines and a few commands; let's see how. We are on the remote server.

First, let's open the OpenSSH file, which is usually found in /etc/ssh/sshd_config and add these few lines:

Match group sftp-onlyChrootDirectory /opt/jails/%u/exchangeX11Forwarding noAllowTcpForwarding noForceCommand internal-sftp

We should already know what these directives are, but let's recall what we wrote in Chapter 12, Remote Connections over SSH, about remote connections over ssh:

Match: With this directive, we can use conditional statements so that if they are satisfied the following configuration lines, we will override the ones in the main configuration ...

Get Mastering Bash now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Don’t leave empty-handed

Get Mark Richards’s Software Architecture Patterns ebook to better understand how to design components—and how they should interact.

It’s yours, free.

Get it now

Check it out now on O’Reilly

Dive in for free with a 10-day trial of the O’Reilly learning platform—then explore all the other resources our members count on to build skills and solve problems every day.

Start your free trial Become a member now