In this post I will explain the steps to configure SFTP on Red Hat/CentOS servers. More importantly, I will chroot the SFTP user to restrict that user's privileges.
Step 1: Create a group that will be limited to SFTP, and add a user to that group. Here, as an example,
add the group "group_manoj", which will be limited to SFTP, and add the user "user_manu" to the group as below:
Now, open the file "/etc/ssh/sshd_config", find the line starting with "Subsystem" and change it as below:
Subsystem sftp internal-sftp
Add the following lines to the end of the same file:
Match Group group_manoj
After this, restart sshd with "service sshd restart".
Now, run the commands below to create a directory called "upload" and set the permissions:
chown root: /home/user_manu
chmod 755 /home/user_manu
chgrp -R group_manoj /home/user_manu
Now, try to connect to the server with sftp as the user "user_manu".
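sshd refuses a chrooted login unless every directory from / down to the chroot target is owned by root and is not writable by group or others, which is what the chown/chmod commands above arrange. The check below is an added example, not part of the original post; it assumes /home/user_manu is the ChrootDirectory used in the Match block and that GNU stat is available (as on Red Hat/CentOS).

```shell
#!/bin/sh
# Added example: pre-flight check for an sshd chroot directory.
# Assumption: /home/user_manu is the ChrootDirectory for group_manoj.
# Usage: sh check_chroot.sh /home/user_manu

# Succeeds when a single directory is acceptable to sshd as a chroot
# path component: owned by uid 0 and not writable by group or others.
# $1 = owner uid, $2 = octal mode as printed by `stat -c %a` (e.g. 755)
chroot_component_ok() {
    [ "$1" -eq 0 ] || return 1
    case "$2" in
        # last digit = "other" bits, second-to-last = "group" bits;
        # 2, 3, 6 and 7 all include the write bit
        *[2367]|*[2367]?) return 1 ;;
    esac
    return 0
}

# Walks from the given directory up to / and checks every component.
# Returns 0 if all pass, 1 on the first bad component, 2 on usage/stat error.
check_chroot_path() {
    dir=$1
    case "$dir" in
        /*) ;;
        *) echo "path must be absolute: $dir" >&2; return 2 ;;
    esac
    while :; do
        info=$(stat -c '%u %a' "$dir") || return 2
        uid=${info% *}
        mode=${info#* }
        if ! chroot_component_ok "$uid" "$mode"; then
            echo "BAD $dir (uid=$uid mode=$mode)" >&2
            return 1
        fi
        [ "$dir" = / ] && return 0
        dir=$(dirname "$dir")
    done
}

# Run the check when a path is given on the command line.
if [ "$#" -gt 0 ]; then
    check_chroot_path "$1"
fi
```

The "upload" directory inside the chroot is not part of this check: it sits below the chroot target, so it can be group-writable for the SFTP group.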