SFTP User Creation CentOs

Step 1. Crate Group
groupadd sftponly

Step 2. Create user account
useradd -d /home/sftp/MYUSER -s /bin/false -G sftponly MYUSER

Step 3. Create a password for your username.
passwd MYUSER

Step 4. Ensure the following line is commented out in your sshd configuration file ( File Location: /etc/ssh/sshd_config )
# Edit the sshd_config file which holds the SSH/SFTP configuration
vi /etc/ssh/sshd_config
# Ensure this below Line has a hash symbol, # in front of it
#Subsystem sftp /usr/lib/openssh/sftp-server
# Ensure that this below line is added directly below the line you just commented out with a hash symbol #
Subsystem sftp internal-sftp

Step 5. Add the following to the bottom of the same file (it must be at the very bottom)
Match Group sftponly
ChrootDirectory %h
X11Forwarding no
AllowTCPForwarding no
ForceCommand internal-sftp

Step 6. Test the changes with sshd before restarting the service, please note it’s important you do this correctly, or may break your sshd configuration
sshd -t
service sshd restart

Step 7. Give proper ownership to the newly created folder
chown root:root /home/sftp/MYUSER

Step 8. Test SFTP credential is working:
# Connect to SFTP using the myuser, replace myuser with the user you’ve chosen
sftp myuser@localhost
myuser@localhost’s password:


Leave a Reply

Your email address will not be published. Required fields are marked *