Setup SFTP on Ubuntu How?
I am not sure this is the best way to do this nor am I sure it is that secure. But this is how I did it.
sudo nano /etc/ssh/sshd_config
modify the Subsystem sftp line to look like the following:
Subsystem sftp internal-sftp
Then add this block of text to the end of that same file:
Match group sftpusers
sudo service ssh restart
sudo addgroup –system sftpusers
Create a folder for your website
sudo mkdir /var/www/website
sudo mkdir /var/www/website/website
Yes you need them both. The first one is a landing page for the SFTP jailed user. The second one is where your website files go.
Now making the user is the hardest part.
Create a new user that is in the group sftpusers you can do it all in one line but this is how I did it.
sudo adduser –home /var/www/website newuser
sudo usermod -G sftpusers newuser
Now let set the rights on the folders
sudo chown root:root /var/www/website
sudo chown -R www-data:sftpusers /var/www/website/website
sudo chown -R www-data:sftpusers /var/www/website/website/*
sudo chmod -R 0755 /var/www/website/website
sudo chmod 0755 /var/www/website
It would be best to add a shell that did not let someone login via SSH
sudo nano /etc/shells
At the bottom of that file add this lone
sudo nano /etc/passwd
At the bottom of this file you should see the user you just created. Make sure you replace the Shell with the new one you just create something like this.
Also if you making this public you should add
fail2ban just Google it and you will see how to install.
Now if I have not forgotten anything that should work.