Commands to change permission
- vi /etc/ssh/sshd_config
Set permissions on the main root folder
- ls -ld /home/root_dir
- chown root:root /home/root_dir
- chmod 755 -R /home/root_dir
Give each user access to their own subfolder
- mkdir /home/root_dir/user_folder
- chown username:username /home/root_dir/user_folder
- chmod 700 /home/root_dir/user_folder
Add these lines inside sshd_config file
Notes
```bash
#!/bin/bash
# Run as root, passing the SFTP user names as arguments.

# echo "Enter Group Name To Create for sftp user"
# read sftpgroup
sftpgroup="sftpgroup_resticted"
groupadd "$sftpgroup"

echo "Entered User names"
echo "$@"

for Username in "$@"
do
    ls -ld "/home/$Username"
    # sshd only accepts a ChrootDirectory that is owned by root and
    # not writable by group or others, so use root:root and 755.
    chown root:root "/home/$Username"
    chmod 755 "/home/$Username"
    usermod -a -G "$sftpgroup" "$Username"
done
echo "Permission Updated for respective Users"

echo "Updating SSH config file for sftp users"
# Unquoted heredoc: $sftpgroup is expanded by the shell so the Match block
# names the group created above; %u is expanded later by sshd.
cat <<EOF >> /etc/ssh/sshd_config
Match Group $sftpgroup
    ChrootDirectory /home/%u
    ForceCommand internal-sftp
    X11Forwarding no
    AllowTcpForwarding no
EOF

service sshd restart
b="$?"
echo "$b"
if [ "$b" -eq 0 ]
then
    echo "Update Done"
else
    echo "Update not done"
fi
```
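sshd refuses to chroot into a directory unless it and every parent component up to `/` are owned by root and not writable by group or others, which is what the chown/chmod steps above are for. The check below is an added example, not part of the original notes; it assumes GNU `stat`, and the function names `dir_ok` and `chroot_path_ok` are hypothetical.

```shell
#!/bin/sh
# Added example: audit a ChrootDirectory against the rules sshd enforces.
# Assumes GNU stat (Linux). Function names are hypothetical.

# dir_ok DIR [OWNER_UID]
# Succeeds if DIR is a directory owned by OWNER_UID (default 0 = root)
# and carries no group or other write bit. Prints the reason on failure.
dir_ok() {
    d_dir=$1
    d_want=${2:-0}
    [ -d "$d_dir" ] || { echo "$d_dir: not a directory"; return 1; }
    set -- $(stat -c '%u %a' "$d_dir")      # e.g. "0 755"
    d_uid=$1
    d_mode=$2
    [ "$d_uid" -eq "$d_want" ] ||
        { echo "$d_dir: owned by uid $d_uid, expected $d_want"; return 1; }
    # Leading 0 makes the shell read the mode as octal; 022 = g+w | o+w.
    [ $(( 0$d_mode & 022 )) -eq 0 ] ||
        { echo "$d_dir: mode $d_mode is group/other writable"; return 1; }
}

# chroot_path_ok PATH [OWNER_UID]
# Applies dir_ok to PATH and to every parent up to /, walking from the leaf
# upward, and stops at the first component that fails. Symlinks in PATH are
# resolved first with pwd -P.
chroot_path_ok() {
    p=$(cd "$1" 2>/dev/null && pwd -P) || { echo "$1: cannot enter"; return 1; }
    while :; do
        dir_ok "$p" "${2:-0}" || return 1
        [ "$p" = / ] && return 0
        p=$(dirname "$p")
    done
}

# Stand-alone use: pass user names, as with the script above.
# Each /home/<user> is checked as a ChrootDirectory (/home/%u).
for u in "$@"; do
    chroot_path_ok "/home/$u" && echo "/home/$u: ok for ChrootDirectory"
done
```

A home directory left at mode 775 is reported by this check as group/other writable.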
Folder access structure
The main root folder is handled by SFTP to restrict user login, and a subfolder is created for each user to give that user access by mapping the user name in sshd_config.
```mermaid
stateDiagram-v2
state fork_state <<fork>>
state join_state <<join>>
sub1 --> join_state
sub2 --> join_state
join_state --> SFTP
SFTP --> [*]
```