![]() The ForceCommand option must always be the first one! Don't let other examples on the internet misguide you. The ForceCommand option makes sure that the restricted users can only use the SSHD for SFTP, so they don't have the possibility of opening a regular SSH session.If you are using an AllowUsers or AllowGroup policy, you will also have to add the "sftponly" group, or it's users, behind one of this options Match group sftponly In this example a "Match rule block" is set up for the group "sftponly". All options set under this line will apply for this block, until a next "Match rule block" is specified. A "Match rule block" always has to be at the bottom of the configuration file. #Subsystem sftp /usr/lib64/ssh/sftp-serverĪ "Match rule block" can be used to set specific options for certain users or groups. Locate the following line, comment it out and add the new option: In order to let the ChrootDirectory work, you must use the SSHD internal SFTP server. ![]() Be familiar with Yast2 module: “Users and Groups”Įdit /etc/ssh/sshd_config with your favourite editor as root. ![]()
0 Comments
Leave a Reply. |