# Ubuntu SFTP - 建立Group、新增使用者、修改密碼 ``` bash sudo addgroup $group sudo useradd -m $user -g $group sudo passwd $user ``` - 在 `/etc/ssh/sshd_config.d` 新增`.conf` 要注意的是`ChrootDirectory`的最終路徑的Owner必須是root，且不能讓Owner以外的有寫入權限 ``` sudo nano /etc/ssh/sshd_config.d/$user.conf ``` ``` bash Match group $user # Match the group user ChrootDirectory /home/$user # Restrict users to the /home directory X11Forwarding no # Disable X11 forwarding AllowTcpForwarding no # Disable TCP forwarding ForceCommand internal-sftp # Force the use of internal SFTP PermitTunnel no # Disable tunnels AllowAgentForwarding no # Disable agent forwarding PasswordAuthentication yes # Allow login with password ``` - 新增後重啟ssh ``` bash sudo systemctl restart ssh ``` - 新增資料夾給SFTP使用 因為`ChrootDirectory`無法讓SFTP編輯，所以必須先在`ChrootDirectory`建立一個資料夾，並將Owner:Group設定配合SFTP ``` bash sudo chown root:root /home/$user sudo chmod 755 /home/$user sudo mkdir /home/$user/files sudo chown $user:$group /home/$user/files ```