Cloudbooklet
  • News
  • Artificial Intelligence
  • Applications
  • Linux
No Result
View All Result
Cloudbooklet
  • News
  • Artificial Intelligence
  • Applications
  • Linux
No Result
View All Result
Cloudbooklet
No Result
View All Result
Home Google Cloud

How to Restrict User to Specific Directory on Linux – Google Cloud

by Cloudbooklet
3 years ago
in Google Cloud, AWS
How To Restrict User To Specific Directory On Linux – Google Cloud
ShareTweetSendShare
Readers like you help support Cloudbooklet. When you make a purchase using links on our site, we may earn an affiliate commission.

How to Restrict a User to Specific Directory on Linux – Google Cloud. It is necessary to limit user with specific privileges by restricting SSH or allow only to access specific directory. This guide provides a detailed guide to restrict users to access only a specific directories by modifying the SSH configuration file. This is […]

ADVERTISEMENT

How to Restrict a User to Specific Directory on Linux – Google Cloud. It is necessary to limit user with specific privileges by restricting SSH or allow only to access specific directory.

This guide provides a detailed guide to restrict users to access only a specific directories by modifying the SSH configuration file. This is also known as a chroot jail setup.

This guide is tested on Google Cloud Platform running Ubuntu 20.04 Linux machine. This setup will surely work on AWS, Azure or any cloud or any VPS or dedicated servers running any Linux distributions.

ADVERTISEMENT

Prerequisites

  • Root access to the server or user with sudo privileges

Create New Group

Create a new group to add all users inside this group.

You might also like

How To Setup Ssh Keys On Ubuntu

How to Setup SSH Keys on Ubuntu 20.04

4 months ago
Draggan Ai Editing Tool Install And Use Draggan Photo Editor

DragGAN AI Editing Tool Install and Use DragGAN Photo Editor

4 months ago
sudo groupadd restriction

Create Users and Add to Group

Now you can create user or add the existing user to the new restriction group.

If you want to create a new user you ca follow this command.

ADVERTISEMENT
sudo useradd -g restriction username
  • -g restriction will add the user to the restricted group we created above.

If you need to prevent shell access you need to use the -s flag with /bin/false value which prevents SFTP access. If SFTP is blocked you cannot access the server with SSH keys. In this case you need to setup FTP, to install and configure VSFTP you can follow this setup.

Now here we wont block shell access.

ADVERTISEMENT

If you need to add the existing user to the group you can use this command.

sudo usermod -g restriction username

You can use the same command to create unlimited users.

ADVERTISEMENT

Configure SSH

Once the user is created and assigned to the group you can configure SSH to limit access to specific directory.

Open the SSH configuration file /etc/ssh/sshd_config

ADVERTISEMENT
sudo nano /etc/ssh/sshd_config

Go to the bottom of the file  to find the line starting with Subsystem sftp /usr/lib/openssh/sftp-server and replace it with the following.

Subsystem sftp internal-sftp

Finally add the below lines to bottom.

Match user username
  ChrootDirectory /path/to/folder
  ForceCommand internal-sftp
  AllowTcpForwarding no
  X11Forwarding no

Hit CTRL + X followed by Y and Enter to save and exit the file.

Now restart the SSH service to apply the changes.

sudo systemctl restart ssh

For CentOS or Fedora you can use the following command to restart the SSH service.

sudo systemctl restart sshd

Once SSH is restarted you can access your instance you will be allowed only to view the directory that you used.

Test the Setup

If you don’t have password based authentication enabled you can setup SFTP to access your instance or server and test your configuration using FileZilla or WinSCP or CyberDuck.

You you have your passwords setup you can use these commands to check.

Open a SFTP connection to your server with the sftp command.

sftp username@IP_ADDRESS

Enter the password you have setup before when prompted.

Now you will be logged in to the server and can see the sftp> prompt.

Run the pwd command, if the configuration is working fine you will get the output as /.

Prepare yourself for a role working as an Information Technology Professional with Linux operating system

Output
sftp> pwd
Remote working directory: /

Conclusion

Now you have learned how to restrict a user to specific directory in Linux.

Thanks for your time. If you face any problem or any feedback, please leave a comment below.

Tags: CentOSDebianFTPUbuntu
Share2Tweet2SendShare
Cloudbooklet

Cloudbooklet

Comments 1

  1. Avatar Of My MY says:
    2 years ago

    Thanks for the great article and clear instructions. Upon complete, I tried to test the sftp and get this response:
    It does ask for my password, but then it disconnects me with this message:
    client_loop: send disconnect: Connection reset

    any idea what’s happening?

    Reply

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Related Posts

Set Up Deep Learning With Nvidia, Cuda, Cudnn On Ubuntu

How to Set Up Deep Learning with Nvidia, CUDA, cuDNN on Ubuntu 22.04

7 months ago
How To Install Or Upgrade Php 8.2 On Ubuntu 22.04

How to Install or Upgrade PHP 8.2 on Ubuntu 22.04

9 months ago
How To Change Timezone On Ubuntu 22.04

How to Change Timezone on Ubuntu 22.04

1 year ago
How To Install Ansible On Ubuntu 22.04

How to Install Ansible on Ubuntu 22.04

1 year ago

Follow Us

Trending Articles

Ai Annotation Jobs

AI Annotation Jobs: Everything You Need to Know

September 18, 2023

Best 10 AI Comic Generator: Create Comic book in Seconds

Create a Professional Website with Wix AI Website Builder

Validator AI: The AI Powered Business Idea Validator

Microsoft Unveils New Disc-Less Xbox Series X with Lift-to-Wake Controller

HeyGen AI: Free AI Video Generator to Create Amazing Videos

Popular Articles

Ai Album Cover Generator

7 Best AI Album Cover Generators to Create Stunning Artwork

September 9, 2023

Best 10 Instagram Video Downloader Apps and Websites for 2023

10 Free Watermark Remover That Work in 2023

Winston AI: How to Check AI Plagiarism for Better SEO

Kits AI Voice Generator: Create High-Quality Audio Content with Ease

How to Enable Bing Chat Enterprise for Your Microsoft Search

Subscribe Now

loader

Subscribe to our mailing list to receives daily updates!

Email Address*

Name

Cloudbooklet Logo

Welcome to our technology blog, where we explore the latest advancements in the field of artificial intelligence (AI) and how they are revolutionizing cloud computing. In this blog, we dive into the powerful capabilities of cloud platforms like Google Cloud Platform (GCP), Amazon Web Services (AWS), and Microsoft Azure, and how they are accelerating the adoption and deployment of AI solutions across various industries. Join us on this exciting journey as we explore the endless possibilities of AI and cloud computing.

  • About
  • Contact
  • Disclaimer
  • Privacy Policy

Cloudbooklet © 2023 All rights reserved.

No Result
View All Result
  • News
  • Artificial Intelligence
  • Applications
  • Linux

Cloudbooklet © 2023 All rights reserved.