SFTP Access with Active Directory user

Asked May 25 '18 at 10:33

Active May 25 '18 at 10:33

Viewed 1,965 times

I'm trying to access through SFTP using an Active Directory user.

I have a RH7.3 machine, configured with SSSD. Sshd_config has some parameters that allow some AD users to login throught ssh. Now I've created a new group in AD (access_ssh_vsftp) with some users and I want access with these users throught SFTP but NOT throught ssh.

SFTP group (access_ssh_vsftp) is configured on sshd_config (last lines):

Match Group "ADNAME\access_ssh_vsftp"
 ChrootDirectory /home/folder/%u
 X11Forwarding no
 AllowTcpForwarding no

I've tried with differents "Match Group" like access_ssh_vsftp or "access_ssh_vsftp@adname.com" but it didn't work.

On the other hand, I don't know if I have to set "access_ssh_vsftp@adname.com" in AllowGroup section (sshd_config) because if I set it I can access throught SSH and SFTP but, if this parameter does not exist, I can not login throught ssh neither sftp.

Can anybody help me?

Thanks in advance!!

asked May 25 '18 at 10:33

jask

If `AllowGroup` doesn't exist, then chance is that you have `AllowUser` somewhere. – kubanczyk May 25 '18 at 11:36
AllowGroup exists and I can login through ssh. It was only a doubt that I had. Thanks – jask May 25 '18 at 14:25

SFTP Access with Active Directory user

0 Answers0