Creating an SFTP user for www server

Revision as of 12:00, 30 June 2021 by Admin

Creating SFTP Access on Server



Log in to the server on which SFTP access needs to be created.


Go to the path below and create the folder that data will be uploaded to


• cd /var/www

• mkdir uploads


Copy the neal and nagios keys from the Nagios server (nagios.apoyar)

• scp neal nagios username@servername:/home/neal/


Move both keys to the sshkeys folder

• mv neal nagios /usr/share/sshkeys


Change the owner of the nagios key

• chown nagios:nagios nagios


Change the permissions for neal and nagios

• chmod 600 *


Create symlinks and restart sshd


• ln -s /usr/share/sshkeys/nagios /home/nagios/.ssh/authorized_keys


• ln -s /usr/share/sshkeys/neal /home/neal/.ssh/authorized_keys


• systemctl restart sshd



Create user apoyarsftp


• useradd -m -d /var/www/uploads/ -G www-data -s /usr/sbin/nologin apoyarsftp


Add user to www-data group


• usermod -a -G apoyarsftp www-data


Go to home folder

• cd /home/

• vi /etc/ssh/sshd_config


Go to the end of the file and add the lines below


Match User sftpuser

ChrootDirectory folderpath

X11Forwarding no

AllowTcpForwarding no

ForceCommand internal-sftp

Replace the sftpuser and folderpath placeholders with these values:

sftpuser - apoyarsftp

folderpath - /var/www/uploads/

Save the file (:wq!)


• systemctl restart sshd


Set password for apoyarsftp user


• passwd apoyarsftp

Qwerty1!


Change the owner and permissions for the uploads folder


• cd /var/www

• chown -R apoyarsftp:apoyarsftp uploads/

• chown root:root uploads/

• chmod 755 uploads/


Create .ssh folder under uploads and change owner and permission for .ssh folder


• cd uploads/

• mkdir .ssh

• chmod -R 700 .ssh/

• chown -R apoyarsftp:apoyarsftp .ssh/



Go to the path below and generate a key


• cd /usr/share/sshkeys

• ssh-keygen

Enter file name - ./apoyarsftp


• mv apoyarsftp /home/neal

• mv apoyarsftp.pub apoyarsftp


Change the owner and permissions for apoyarsftp


• chown apoyarsftp:apoyarsftp apoyarsftp

• chmod 600 apoyarsftp


Create symlink

• ln -s /usr/share/sshkeys/apoyarsftp /var/www/uploads/.ssh/authorized_keys


Create a subfolder under the uploads folder and change the owner of that folder


• cd /var/www/uploads

• mkdir private

• chown -R apoyarsftp:apoyarsftp private


Go to the mercury.apoyar server and create a new host under bleckmann


• Name - sftp

• IP address - Server IP address


Click Add host


Go to the bleckmann server and add a DNS record to the hosts file

• cd /home/neal

• vi /etc/hosts

Add the entry below

Server IP address sftp.bleckmann.apoyar

Save the file (:wq!)

Now connect to the server and try uploading files.