Allow SFTP but prevent SSH Shell Access CentOS 6

Quick guide to configure SFTP access but prevent SSH logins.

A standard CentOS install already configured with openssh-server package (and its dependancies) is all we need to get started.

[box type="info"] Just note that this document assumes CentOS 6 for all example code and references. Syntax, file locations and codes may vary based on your distribution.[/box]

Scenario

You’ve got a specific user which only requires encrypted access to the files of their hosted web site. However we don’t want the user to be able to see or access any other user or system data on the server (chroot or jail).

Step 1: Configure SSH

We’ll need to open up /etc/ssh/sshd_config file and make a few adjustments.

You’ll need to look for the following line:

And you’ll want to comment out that line and add some additional information below.

Save and close sshd_config file to complete that step. Also note you’ll need to restart the sshd service before the settings will take affect.

Continue reading…