Tuesday, May 2, 2017

Creating Linux SFTP Chrooted Server - Automated Script

Linux SFTP Chrooted Server - Automated Script


---------------------------------------
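#!/bin/bash
#
# Configure OpenSSH as a chrooted, SFTP-only server for members of the
# "sdp" group. Must be run as root. The script:
#   1. backs up /etc/ssh to /root/conf-backup,
#   2. strips the directives it manages from sshd_config,
#   3. appends the SFTP/chroot configuration,
#   4. validates the result with "sshd -t" (restoring the backup on failure),
#   5. creates /chroots and the sdp group, then restarts sshd.
#
#Author Mail : rambamal@gmail.com

set -euo pipefail

readonly SSHD_CONFIG=/etc/ssh/sshd_config
readonly BACKUP_DIR=/root/conf-backup
readonly CHROOT_BASE=/chroots
readonly SFTP_GROUP=sdp

die() {
  printf '%s\n' "$*" >&2
  exit 1
}

[ "$(id -u)" -eq 0 ] || die "This script must be run as root."
[ -f "$SSHD_CONFIG" ] || die "Cannot find $SSHD_CONFIG."
# Resolve an absolute path; some sshd builds refuse to run via a relative name.
sshd_bin=$(command -v sshd) || die "sshd binary not found in PATH."

#Creating config backup to backup system conf files and directories
# The copy contains the host private keys, so keep the directory root-only.
mkdir -p -m 700 "$BACKUP_DIR"

#Taking a backup of /etc/ssh
cp -ar /etc/ssh "$BACKUP_DIR"/.

#Deleting existing sftp configurations
# NOTE(review): the unanchored patterns also remove commented-out lines, and
# '/^Match/d' removes only the "Match ..." header line. Any other directives
# that lived inside an existing Match block stay behind and become global
# settings. Review sshd_config by hand if it already had Match blocks.
sed -i \
  -e '/^Subsystem/d' \
  -e '/^PasswordAuthentication/d' \
  -e '/^ChallengeResponseAuthentication/d' \
  -e '/^UsePAM/d' \
  -e '/ChrootDirectory/d' \
  -e '/X11Forwarding/d' \
  -e '/AllowTcpForwarding/d' \
  -e '/ForceCommand/d' \
  -e '/^Match/d' \
  "$SSHD_CONFIG"

#Creating SFTP Server configuration
# Appended directly from the here-document: staging it in a fixed,
# predictable /tmp path while running as root is open to symlink and
# pre-creation tampering by local users.
#
# NOTE(review): "PasswordAuthentication no" together with
# "ChallengeResponseAuthentication yes" and "UsePAM yes" typically still
# lets PAM prompt for a password via keyboard-interactive. Set
# ChallengeResponseAuthentication to "no" if key-only login is intended.
cat >> "$SSHD_CONFIG" << 'END'

PasswordAuthentication no
ChallengeResponseAuthentication yes
UsePAM yes

Subsystem       sftp    internal-sftp -l INFO

Match Group sdp
  ChrootDirectory /chroots/%u
  X11Forwarding no
  AllowTcpForwarding no
  ForceCommand internal-sftp -l INFO
END

# Validate before restarting: a broken sshd_config on a remote host means
# losing SSH access. Roll back to the backup if the check fails.
if ! "$sshd_bin" -t -f "$SSHD_CONFIG"; then
  cp -a -- "$BACKUP_DIR/ssh/sshd_config" "$SSHD_CONFIG"
  die "New sshd_config failed validation; restored the backup, sshd not restarted."
fi

#Creating SFTP User's Home directory /chroots
# sshd requires every component of the ChrootDirectory path (including each
# /chroots/<user>) to be owned by root and not writable by group or others;
# give users a writable subdirectory inside their chroot instead.
mkdir -p "$CHROOT_BASE"

#Add sdp Group
# groupadd fails when the group already exists, so only create it if missing.
getent group "$SFTP_GROUP" > /dev/null || groupadd "$SFTP_GROUP"

#Restart sshd Server
service sshd restart
exit 0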
