Automating Secure SFTP User Setup with a Bash Script


Secure File Transfer Protocol (SFTP) is a popular choice for securely transferring files between systems. In some cases, you might want to create a user account solely for SFTP access and restrict their access to specific directories. In this article, we’ll guide you through the process of setting up a restricted SFTP user with chroot on an SSH server. We’ll create a user with limited shell access using /sbin/nologin and configure the SSH server to enforce the restrictions.


  • Access to a Linux server with sudo privileges.
  • Basic understanding of the Linux command line.

Certainly! Here’s a blog article on setting up restricted SFTP access on a Linux server using a bash script:

If you’re a system administrator or someone who manages Linux servers, you probably know the importance of secure file transfer protocols. SFTP (Secure File Transfer Protocol) is a popular choice for secure data exchange, and controlling user access is crucial to maintaining a secure environment.

In this article, we’ll walk you through an exciting solution: a bash script that automates the process of setting up restricted SFTP access for users on a Linux server. This script simplifies the task, saving you time and ensuring consistency in your setup.

The Purpose

The primary goal of this script is to create a new user with restricted SFTP access, limiting them to a specific directory on the server. By doing this, we can minimize the risk of unauthorized access to critical files and directories, bolstering the overall security of the system.

The Script

Let’s dive into the bash script. Here’s the code snippet we’ll be using:


# Replace "sftuser" with the desired username
# Replace "/var/www/" with the desired Chroot directory

# Create the user with /sbin/nologin shell
sudo useradd -s /sbin/nologin "$USERNAME"

# Set the password for the user (replace "password" with the actual password)
sudo echo "$USERNAME:password" | sudo chpasswd

# Backup the SSH configuration file
sudo cp /etc/ssh/sshd_config /etc/ssh/sshd_config_backup

# Append the necessary configuration to the SSH configuration file
sudo bash -c "cat >> /etc/ssh/sshd_config" <<EOL

# Configuration for SFTP access for $USERNAME
Match User $USERNAME
    ForceCommand internal-SFTP
    ChrootDirectory $CHROOT_DIR
    AllowTcpForwarding no
    X11Forwarding no

# Restart the SSH service to apply the changes
sudo service sshd restart

echo "User $USERNAME with restricted SFTP access has been set up."

🔗 You can find the code snippet on GitLab: click me to see the code

How to Use the Script

The script is designed to be straightforward to use, and it follows a few simple steps:

  1. Replace "sftuser" with the desired username of the new user in the USERNAME variable.
  2. Customize the CHROOT_DIR variable to set the desired Chroot directory. This is where the user will be restricted.
  3. Set the user password by replacing "password" with the actual password. Make sure to use a strong and secure password.

Enhancing Security

This script significantly enhances security by isolating users to specific directories through the Chroot feature. Users will only be able to access their designated area, ensuring that sensitive files and system directories remain protected.

The Power of Automation

Automating the user setup process with this bash script streamlines your workflow and reduces the likelihood of manual errors. It is especially beneficial if you need to create multiple users with restricted SFTP access or if you frequently set up new servers.


In conclusion, automating the setup of restricted SFTP access on a Linux server is a powerful way to enhance security and simplify administrative tasks. With this bash script in your toolkit, you can create secure SFTP environments with ease and confidence.

Feel free to try out the script and adapt it to your specific needs. As always, remember to exercise caution when dealing with user credentials and permissions.

Happy scripting and stay secure!

Feel free to modify the blog article as needed to fit the style and tone of your blog. Remember to credit the source if you use any external code snippets or resources. Happy writing! 📝

  • Setting Up a Restricted SFTP User with Chroot on an SSH Server
  • Automate SFTP User Setup on Linux Servers with a Secure Bash Script
  • Enhance Linux Server Security: Automated SFTP User Setup with Bash
  • Streamlining SFTP User Creation on Linux: A Powerful Bash Script
  • Securely Set Up Restricted SFTP Users on Linux Using Automation
  • Efficient SFTP User Management: A Bash Script for Linux Servers
  • Simplify SFTP Access Control: Automating User Setup with Bash
  • Boost Linux Server Security: Auto-Create Restricted SFTP Users
  • Mastering SFTP User Configuration with a Custom Bash Script
  • One-Click SFTP User Setup: Automating on Linux Servers
  • Managing SFTP Access Made Easy: A Bash Script for Linux

#Linux #BashScripting #SFTP #CyberSecurity #Automation #SFTP #Linux #Automation #BashScript #Security #UserSetup #AccessControl #ServerManagement #Chroot #RestrictedUsers #Scripting #SecureFileTransfer #SSH #ServerAdministration

Leave a Reply