May 30, 2016 · Server ·

Sponsored Link
This tutorial explain how to install SFTP server using MySecureShell on Ubuntu 16.04 server.MySecureShell is a solution which has been made to bring more features to sftp/scp protocol given by OpenSSH. By default, OpenSSH brings a lot of liberty to connected users which imply to thrust in your users. The goal of MySecureShell is to offer the power and security of OpenSSH, with enhanced features (like ACL) to restrict connected users.

MySecureShell was created because of the lack of file transfer features in OpenSSH. OpenSSH was not designed as a file transfer solution, that’s why we made MySecureShell.

MySecureShell Features

Bandwidth control
Only authorized files and folders can be shown
Advanced logging information
ACL can be made with IP/Usernam/Groups/VirtualHost/...
Confined environments (chroot, which is also available in the latests version of OpenSSH)
Restrict users to have sftp only (shell access is disabled by default)

Install MySecureShell on Ubuntu 16.04 Server

Open the terminal and run the following command

sudo apt-get install mysecureshell

This will complete the SFTP server installation.

Add users for MySecureShell

You can add users using useradd command .You can also update the existing user account to get access to MySecureShell server by edit the /etc/passwd file.

Add New User

sudo useradd -m -s /usr/bin/mysecureshell test1

sudo passwd test1

Adding Existing user to MySecureShell Server

From Command line

sudo usermod -s /usr/bin/mysecureshell test2

or

sudo vi /etc/passwd

Change columns "shells" and replace it by "/bin/MySecureShell".

test2:x:1006:500:DSE Testing:/home/sftpusers/test2:/bin/sh

Become

test2:x:1006:500:DSE Testing:/home/sftpusers/test2:/bin/MySecureShell

Save and Exit the file.

You can test your SFTP server using any SFTP client or from ubuntu system use the following command

sudo sftp [email protected]

How to check who is connected to SFTP server

Use the following command to check who is connected to SFTP server

sftp-who

How to Control of bandwidth

You need to edit the /etc/ssh/sftp_config file and Global Download tag allows to limit the maximum download bandwidth for the overall server.

Example

In this example, all users will be able to download up to a 100k maximum bandwidth and the total maximum bandwidth allowed for the server is 1M

<Default>

Home /SFTP
GlobalDownload 1M
Download 100k

</Default>

Check Mysecureshell Documentation for detailed configuration options.

Sponsored Link

5 Comments to “Install and Configure SFTP server on ubuntu 16.04 (Xenial Xerus) server”

  1. Naveen Bajaj says:

    I used the above tutorial for installing sftp server on ubuntu. After that i am not able to ssh the instance. I am getting following error
    Shell access is disabled. connection closed.

  2. JC says:

    Same issue for me, limited troubleshooting at this point but it appears to have conflicted with OpenSSH. I’ve tried changed the port in the sshd_config file and that doesn’t appear to have helped.

  3. ruchi says:

    Try the following one and may be not secure

    Comment out sftp support in sshd_config and restart sshd service

    #Subsystem sftp /usr/lib/openssh/sftp-server

  4. Ranjeet says:

    Hello

    How to add user for specific directory /var/www/public_html
    also i’m able to access all directory but added user have no permission to add/update/delete permission to /var/www/public_html

  5. Rodrigo Rivera says:

    To anyone reading this and having “Shell access is disabled. connection closed.”

    By default, ssh access is deactivated for all users, only sftp is enabled. If you want to enable ssh access too for some (or all) users, then you have to create a group with those users and edit the configuration file located on /etc/ssh/sftp_config as explained on the official documentation:

    http://mysecureshell.readthedocs.io/en/latest/tags/childs/shell.html

Leave a Reply

  • Recent comments