January 2018
Intermediate to advanced
376 pages
8h 45m
English
Content preview from Mastering Linux Security and Hardening
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial
Setting up a chroot environment for SFTP users
Secure File Transfer Protocol (SFTP) is a great tool for performing secure file transfers. There is a command-line client, but users will most likely use a graphical client, such as Filezilla. A common use-case for SFTP is to allow website owners to upload web content files to the proper content directories on a web server. With a default SSH setup, anyone who has a user account on a Linux machine can log in through either SSH or SFTP, and can navigate through the server's entire filesystem. What we really want for SFTP users is to prevent them from logging into a command-prompt via SSH, and to confine them to their own designated directories.