Recently, I am doing a sftp request. I need to add an sftp user to transfer files to the specified path of linux. To learn through the network, I need to add a new ftp account. You need to add several commands in /etc/ssh/sshd_config:
Subsystem sftp internal-sftp
Match User root // 匹配用户,用户为root时才做处理
ChrootDirectory /srv/ftp // 设置用户sftp访问的根目录
AllowTcpForwarding yes // 允许ssh访问设置为yes,不允许ssh访问,设置为no
After modifying sshd_config, run the following command to restart sshd, and the following error appears:
Search through Baidu and find the command to query the operation error:
root@localhost:~# /usr/sbin/sshd -T
/etc/ssh/sshd_config line 92: Directive 'UsePAM' is not allowed within a Match block
root@localhost:~#
It turns out that UsePAM and Match User conflict with each other. The reason for this problem is that the added Match position is incorrect. Add Match after UsePAM.
root@localhost:~#
root@localhost:~# service sshd restart
root@localhost:~#
No error was reported, it seems to be a success. A wave of remote sftp connection attempts, the connection is successful.
C:\Users\xxxxxx>sftp root@192.168.xxx.xxx
root@192.168.xxx.xxx's password:
Connected to root@192.168.xxx.xxx.
sftp>
sftp>
What is UsePAM?
PAM stands for Pluggable Authentication Modules. These modules provide additional authentication rules to protect access to the computer.
For details, please see the following connection:
Three locks to protect SSH