Change sFTP home directory for particular user and from specific server

Thala · June 9, 2017, 6:07am

Hello Folks,

Of course i came here for your favour

How to set a defalult home directory for sFTP login ( at present users land in to their home directrory) when they connect from specific server.

When server(A) sFTP's to Linux server(B) they land to thier home directory.

I want the default directory to be /application/filessytem/data/.

Note: The users are authenticated from LDAP.

Thanks in Advance!

jim_mcnamara · June 9, 2017, 9:26am

The users will have to all use one sFTP account only on server B. That account will only be used for sFTP, and owns the .../.../data directory. If server B is a production server you need to be careful about restricting the new account to that one directory. Consider chroot ing that account.

example chroot setup for linux: Creating a Chroot Jail for SSH Access | Allan Feid

Thala · June 9, 2017, 3:34pm

Hi Jim,
THanks for your reply.

I tried the steps as suggested in that site. it still point me to ldap home directory.

I want the users to land in to /application/filessytem/data/ rather than /home/username

Also i dont want to change the home directory for the user in LDAP, because it affects his job in other servers.

Thanks!

Corona688 · June 9, 2017, 3:56pm

...which is why the first thing he mentioned was a new account which everyone shares, not the same account.

sftp logs in to a users' login directory, that's what its for.

Thala · June 9, 2017, 4:57pm

Hi Corona,
Do you mean i need users to tell to use sftp_test account? sorry i dont know how the sFTP authenticates.
But i created new local user and group.

Please remember from client, users enter their ldap credentials and that land in to the location of huge date of users profiles /ldap/home/ which cause too much delay in login.
And thats the reason i want to jailroot to application directory(less files)

So i need solution wither of this two options,
1.sFTP- chroot to /application/filessytem/data/
2.Change home path for end_user1 to /application/filessytem/data/ with specific hostname.

jim_mcnamara · June 9, 2017, 6:08pm

IF a new employee comes in, how do you add that employee to server B? The same method is what you use for the sftp_account user. You specify a home directory when you create a new user. On linux the passwd/usermod command when run by the root or a suitable account with full passwd access, can be used to change the users home directory.

It may be be that

[ sudo ] usermod -d

is what you want to use. If you already have sftp_account as active.

I don't think your linux is so old it uses passwd for this

What precisely is server B? Please post the output of uname -a