-
Setting up an sftp server..


Establishing a sftp server with only access to sftp(no access to shell)


QuickGo


step1--Enable ssh

step2--turn firewall of on the port 22(or any static port you set for ssh)

step3--create users/groups and setting up passwords for created users

step4--create folders for the users to upload and download files( land on)(set permissions accordingly)

step5--Edit the sshd_config file to set the users permissions

step6--restart the sshd service

step7--login with your user..

Step by step procedures are as follows::::::

 (note:::here i am using ubuntu as my server)


--Step1

First install ssh (ignore if already installed)

use command:-

"apt-get install openssh-server"

--Step 2

Disable blocking by firewall on port 22 .(since it is the default port for ssh)

use command:

"ufw allow ssh"

--Step3

Now comes the main part,

Create users 

(here i created 5 users two in one group and two in other the 5th one in both)


now check whether they are created



now create groups,
use command:
"sudo addgroup groupname"

now add users to the group

                                         



to know in which group the user is ;

use command:

"groups username"


now set passwords for the users




--Step 4

creating directories 




(similarly i have created /sftp2 for groupb)




now open the directory and make a new directory inside it  for the user.
 now set owners for the directories






(any one of the user of the group can be the owner of the user directory )
(root should be the owner of /sftp directory where users land.)


now set the permissions for the directories 
"sudo chmod 755 /sftp"
"sudo chmod 755 /sftp2"
"sudo chmod 775 /sftp/landa"
"sudo chmod 775 /sftp2/land"
  

(one of the outcome)




--Step5
    Edit the sshd_config file
      open the file 
      "sudo nano /etc/ssh/sshd_config"

                              then edit as follows:



save and exit..


--Step6 
Restart sshd service
"sudo systemctl restart sshd.service"







--Step7
Congrats!!sftp is configured for these users..
now check the connection by loging in




now try to login with a client system



What happens if we use these users for ssh?





Using a sftp client (firezilla)

after using the client we can see on our server which user added what file ..





-------------------------------------------------------THE END------------------------------------------------------------


Comments

Post a Comment

Popular posts from this blog

-
Image
  My OSCP Journey: OSCP Certified At First Attempt (90 Points) It all began in August 2022 when I achieved a significant milestone in my cybersecurity journey by passing the Red Hat Certified System Administrator (RHCSA) exam. This achievement not only provided me with a strong foundation in Linux but also fueled my passion for diving deeper into the world of cybersecurity. Around the same time, I found myself holding a voucher for the CompTIA Cybersecurity Analyst (CySA+) exam, which I knew was another crucial step in my career progression. I was determined to continue building my expertise in cybersecurity. However, my true adventure towards the Offensive Security Certified Professional (OSCP) certification didn't officially kick off until November 23, 2023. That's when I made the decision to invest in the OSCP Learn One subscription package, which granted me one year of access to the OSCP labs and two exam attempts. It was an exciting but challenging journey that awaited me....
Read more
-
Image
  PXE Network Boot #Preboot Execution Environment, used to load operating system over a network connection. #PXE network boot is achieved through several network protocols, which includes: TFTP, DHCP,IP,HTTP/NFS, etc. #Now lets begin building our environment(here I used ubuntu(Focal) as my pxe-server). #STEP 1 :) #First lets install the required packages: sudo apt-get install isc-dhcp-server tftpd-hpa syslinux pxelinux apache2 -y #Download the ISO file as well.(here I tried to install ubuntu-server(20.04) over network.) #here syslinux is for the bios files, pxelinux for the pxelinux.0 file. #STEP 2 :) #Configure tftp base folder: mkdir /tftpboot rsync -av /usr/lib/syslinux/modules/bios/{menu.c32,libutil.c32,ldlinux.c32,libcom32.c32}  /tftpboot mkdir /tftpboot/pxelinux.cfg touch /tftpboot/pxelinux.cfg/default mkdir /tftpboot/ubuntu mount -o loop,ro /PATH_TO_ISO /tftpboot/ubuntu #add this in /etc/fstab - so that the mount persists  reboot. /PATH_TO_ISO /tftpboot/ubuntu ...
Read more
-
Image
  CHAT ROOM WITH END-TO-END-ENCRYPTION  USING SOCKET PROGRAMMING PYTHON LEARNING: Socket programming Understanding TCP  Diffe hellman key exchange Encryption Tkinter Threading  What is  one way function?   There is no inverse  to this type of functions             Eg -     5 mod 2 =1 11 mod 2 = 1 25 mod 2 = 1 Any odd no. mod 2 = 1                Therefore, there are infinite possibilities  of odd numbers.                Hence, even if we  know remainder and divisor we cannot say what is dividend. (here we are not                   involving quotient, hence it is not possible to find the dividend .) Note: this is modulus property (g**A mod p)**B mod p =. (g**B mod p)**B mod p = (g **(A*B) mod) p mod p The same thing is done in diffe hellman key e...
Read more