#添加用户 sudo useradd -d /home/exxk/shared_bikes_html -m -s /bin/bash bikesfe #创建修改密码 sudo passwd bikesfe #添加bikesfe用户只能使用sftp sudo vim /etc/ssh/sshd_config Match User bikesfe ChrootDirectory /home/exxk/shared_bikes_html ForceCommand internal-sftp AllowTcpForwarding no X11Forwarding no #修改/home/exxk/shared_bikes_html目录及上层目录权限 sudochmod 755 /home/exxk sudochmod 755 /home/exxk/shared_bikes_html sudochown root:root /home/exxk/shared_bikes_html sudochown root:root /home/exxk #测试 #sftp登录成功 sftp bikesfe@172.16.10.2 #ssh登录失败 ssh bikesfe@172.16.10.2
常见问题:
不修改目录及上级目录权限会提示如下错误:
1 2 3 4 5 6
Jan 08 14:24:26 ubuntu sshd[2677787]: Accepted password for bikesfe from 172.16.30.210 port 52532 ssh2 Jan 08 14:24:26 ubuntu sshd[2677787]: pam_unix(sshd:session): session opened for user bikesfe(uid=1001) by (uid=0) Jan 08 14:24:26 ubuntu systemd[2677793]: Listening on GnuPG cryptographic agent (ssh-agent emulation). Jan 08 14:24:26 ubuntu sshd[2677897]: fatal: bad ownership or modes for chroot directory component "/home/iexxk/" Jan 08 14:24:26 ubuntu sshd[2677787]: pam_unix(sshd:session): session closed for user bikesfe Jan 08 14:24:37 ubuntu systemd[2677793]: Closed GnuPG cryptographic agent (ssh-agent emulation).