How To Configure SFTP server on CentOS?

How to configure a SFTP server on CentOS 7

Introduction

I have put together a how-to showing how to setup a SFTP server on CentOS with full CHROOT.

Source Video: https://www.youtube.com/watch?v=d4D6xqQigH8

Steps (6 total)

1 Start the SSHD service and ensure it starts with the server

# systemctl enable sshd.service
# systemctl start sshd.service

2 Setup the SSH Deamon – some VI knowledge required

# vi /etc/ssh/sshd_config

Comment the following line (add a hash before it)

Subsystem sftp /usr/local/libexec/sftp-server

and add the following just below it, I recommend using tab instead of spaces

Subsystem sftp internal-sftp

Now scroll to the end of the config file and add the following to create the match rule:

Match Group sftponly
ChrootDirectory %h
ForceCommand internal-sftp
X11Forwarding no
AllowTcpForwarding no

Save the config file and close it. (Press ESC and type ‘wq!’)

3 Reload the SSH Deamon

# systemctl restart sshd.service

4 Let’s add the user(s) and group (I used John as an example):

# groupadd sftponly
# useradd john -g sftponly -s /bin/false
# passwd john

5 Add folders (for the user to read and write data from):

# mkdir /home/john/datadir
# chown root /home/john
# chmod 755 /home/john
# chown john /home/john/datadir
# chmod 755 /home/john/datadir

6 Stop SELinux from interfering with our jail

# setsebool -P ssh_chroot_rw_homedirs on

References