SFTP server setup on ec2 instance - noi-techpark/documentation GitHub Wiki
To easily set up SFTP on an EC2 instance (Amazon Linux in my case), check that OpenSSH is installed and follow the steps below.
Security
Since SFTP runs over plain SSH, you don't need to change much in your EC2 security groups: just open the SSH port in the inbound rules for the IPs you want to grant access to.
Setup
- Create a user on your machine (you do not need to call him Chuck :)

  ```sh
  adduser chuck
  ```
- In Chuck's home folder, create a '.ssh' folder with an authorized_keys file inside, and give both the correct permissions so that SSH key login works

  ```sh
  # run these from Chuck's home folder (/home/chuck)
  mkdir .ssh
  touch .ssh/authorized_keys
  chmod 600 .ssh/authorized_keys
  chmod 700 .ssh/
  ```
- Put Chuck's public SSH key in the authorized_keys file

  ```sh
  cat chuck_id.pub >> .ssh/authorized_keys
  ```
- Create a group for SFTP users

  ```sh
  groupadd sftponly
  ```
- Add the user to the group

  ```sh
  usermod -a -G sftponly chuck
  ```
- Open /etc/ssh/sshd_config and change the following settings

  ```
  ## Comment this
  # Subsystem sftp /usr/libexec/openssh/sftp-server
  ## Add or substitute this
  Subsystem sftp internal-sftp
  ## Keep the Match block at the end of the file: it applies until the next Match line or the end of the file
  Match group sftponly
      ChrootDirectory %h
      X11Forwarding no
      AllowTcpForwarding no
      ForceCommand internal-sftp
  ```
- Restart ssh

  ```sh
  /etc/init.d/sshd restart
  ```
- Set the ownership of Chuck's new home folder and its contents; he should then be chrooted there

  ```sh
  chown -R chuck:sftponly /home/chuck/
  ```
- Also, do not forget to make root the owner of the home directory itself and set the access rights so that the group can still access it

  ```sh
  chown root:sftponly /home/chuck/
  chmod 750 /home/chuck
  ```
- Try to log in to your server via sftp: 'sftp [email protected]'
:tada:
If it does not work, ask Chuck!
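
A common reason for it not working is the ownership step: sshd only accepts a ChrootDirectory when every component of the path is a root-owned directory that is not writable by group or others. The script below is an added example, not part of the original wiki page; it checks exactly that for a given directory. It assumes GNU `stat` (as on Amazon Linux), and the function names and the script name `check_chroot.sh` are made up for this example.

```sh
#!/bin/sh
# Added example: pre-flight check for an sshd ChrootDirectory.
# Assumes GNU stat; function names are hypothetical, not from the wiki page.

# chroot_dir_ok UID MODE -> 0 if root-owned and not group/other-writable.
# MODE is the octal string printed by `stat -c %a` (e.g. 750, 1777).
chroot_dir_ok() {
    [ "$1" -eq 0 ] && [ $(( 0$2 & 022 )) -eq 0 ]
}

# check_chroot_path DIR -> 0 if DIR and every parent up to / pass.
# Prints each offending component; returns 1 on a bad component,
# 2 if DIR is not absolute or cannot be stat'ed.
check_chroot_path() {
    ccp_dir=$1
    ccp_rc=0
    case $ccp_dir in
        /*) ;;
        *) echo "need an absolute path: $ccp_dir" >&2; return 2 ;;
    esac
    while :; do
        ccp_info=$(stat -L -c '%u %a' "$ccp_dir") || return 2
        ccp_uid=${ccp_info% *}
        ccp_mode=${ccp_info#* }
        if ! chroot_dir_ok "$ccp_uid" "$ccp_mode"; then
            echo "BAD  $ccp_dir (owner uid $ccp_uid, mode $ccp_mode)"
            ccp_rc=1
        fi
        [ "$ccp_dir" = / ] && break
        ccp_dir=$(dirname "$ccp_dir")
    done
    return "$ccp_rc"
}

# Usage (hypothetical script name): sh check_chroot.sh /home/chuck
if [ "$#" -gt 0 ]; then
    check_chroot_path "$1" && echo "OK   $1 is usable as ChrootDirectory"
fi
```

Run it as root against `/home/chuck` after the `chown`/`chmod` steps; any line starting with `BAD` names a directory that sshd will reject for the chroot.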