how to set configure SFTP's quotas in linux debian 6

Discussion in 'General Linux' started by bestshop24h, Sep 10, 2013.

  1. bestshop24h

    bestshop24h New Member

    Sep 10, 2013
    Likes Received:
  2. grim76

    grim76 Active Member Staff Writer

    Nov 21, 2011
    Likes Received:
    That should work fine for setting up quotas.
  3. anubhav tiwari

    anubhav tiwari New Member

    Jul 30, 2013
    Likes Received:
    1. Edit your/etc/ssh/sshd_configfile with your favorite text editor:
    2. vim /etc/ssh/sshd_config

    1. Add or modify theSubsystem sftpline to look like the following:
    File excerpt:/etc/ssh/sshd_config

    Subsystem sftp internal-sftp

    1. Add this block of settings to the end of the file:
    File excerpt:/etc/ssh/sshd_config

    Match group filetransfer
    ChrootDirectory %h
    X11Forwarding no
    AllowTcpForwarding no
    ForceCommand internal-sftp
    1. Save the changes to your file.

    2. Restart OpenSSH:

    3. /etc/init.d/ssh restart
    OpenSSH has been successfully modified.

    Modify user accounts to setup quota.

    In this section, we'll set up the correct new groups, ownership, and permissions for your user accounts.

    1. Create a group for users whom you want to restrict to SFTP access:
    2. addgroup filetransfer

    1. Modify the user accounts that you wish to restrict to SFTP. Issue the following commands for each account, substituting the appropriate username. Please keep in mind that this will prevent these users from being able to log into a remote shell session.
    4. usermod -G filetransfer username

    5. chown root:root /home/username

    6. chmod 755 /home/username

    These users will now be unable to create files in their home directories, since these directories are owned by the root user.

    1. Next, you need to create new directories for each user, to which they will have full access. Issue the following commands for each user, changing the directories created to suit your needs:
    8. cd /home/username

    9. mkdir docs public_html

    10.chown username:filetransfer *

    Your users should now be able to log into their accounts via SFTP and transfer files to and from their assigned subdirectories, but they shouldn't be able to see the rest of your Linode's filesystem.
    The Quicken likes this.

Share This Page