Create the SFTP user
```
# useradd sftpuser
# passwd sftpuser
Changing password for user sftpuser.
New password:
Retype new password:
passwd: all authentication tokens updated successfully.
```
Create the SFTP group and set permissions
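```
# groupadd sftpgroup
# gpasswd -a sftpuser sftpgroup
# chmod 755 /home/sftpuser/
# chown root:root /home/sftpuser/
# mkdir -p /home/sftpuser/work
# chown sftpuser:sftpgroup /home/sftpuser/work/
```

sshd only accepts a ChrootDirectory that is owned by root and not writable by group or others, so /home/sftpuser is set to 755 (with 775 the login is refused). The user writes only inside work/.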
Sudo configuration
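```
# visudo
sftpuser ALL=(ALL) ALL

# su sftpuser
```

This rule gives sftpuser unrestricted sudo in a local session; the SSH settings in the next step limit the account to SFTP when it connects over SSH.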
SSH login configuration
```
# nano /etc/ssh/sshd_config
```

Add the following near the end of the file:

```
Match User sftpuser
    PasswordAuthentication yes
    X11Forwarding no
    AllowTcpForwarding no
    ForceCommand internal-sftp
    ChrootDirectory /home/sftpuser
```

```
# service sshd restart
```
Bind-mount the target directory into the chroot and make it persistent
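```
# mount -B /var/www/vhosts/example.com/wp-content/themes/work /home/sftpuser/work

# nano /etc/fstab
/var/www/vhosts/example.com/wp-content/themes/work /home/sftpuser/work none bind 0 0
```

An fstab entry needs six fields, so the bind mount is written with file system type `none` and option `bind`.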
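A pre-flight check for the ChrootDirectory configured above, as an added example that is not part of the original page: it walks every component of the chroot path and reports any that sshd would reject (not owned by root, or writable by group or others). The function names are hypothetical and it assumes GNU `stat` as found on Linux.

```shell
#!/bin/sh
# Added example: verify a ChrootDirectory path before restarting sshd.
# Usage: sh check_chroot.sh /home/sftpuser

# mode_ok UID MODE: succeeds when UID is 0 and the octal MODE has neither
# the group-write nor the other-write bit set (mask 022).
mode_ok() {
    [ "$1" -eq 0 ] || return 1
    [ $(( 0$2 & 022 )) -eq 0 ]
}

# path_components DIR: prints "/" and then each parent of DIR down to DIR
# itself, one per line, because the rule applies to every component.
path_components() {
    p=$1
    out=
    while [ -n "$p" ] && [ "$p" != "/" ] && [ "$p" != "." ]; do
        out="$p
$out"
        p=$(dirname "$p")
    done
    printf '/\n%s' "$out"
}

# check_chroot DIR: returns 0 if every component passes, 1 if any component
# is missing or rejected, 2 if DIR is not an absolute path.
check_chroot() {
    case $1 in
        /*) ;;
        *) echo "check_chroot: absolute path required" >&2; return 2 ;;
    esac
    rc=0
    while IFS= read -r d; do
        if ! info=$(stat -c '%u %a' "$d" 2>/dev/null); then
            echo "MISSING  $d"; rc=1; continue
        fi
        if mode_ok "${info% *}" "${info#* }"; then
            echo "ok       $d (uid=${info% *} mode=${info#* })"
        else
            echo "REJECTED $d (uid=${info% *} mode=${info#* })"; rc=1
        fi
    done <<EOF
$(path_components "$1")
EOF
    return "$rc"
}

if [ "$#" -gt 0 ]; then check_chroot "$1"; fi
```

The bind-mounted work/ directory is below the chroot root and is not checked, so it can stay writable by sftpuser.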