How to set up SFTP-accessible directories using Tectia Server 5.x for Windows
asked Dec 23 '10 at 16:52
SSH KB ♦
SFTP functionality can be configured via the 'Services' page in the Tectia Server Configuration tool. Chapter 4, "Configuring Tectia Server", in the Tectia Server 5.0 Administrator Manual has more information on configuration options. Tectia Server 5.0 has a new, dynamic and robust configuration which enables administrators to have different connection parameters, authentication method chains, and services for different user groups based on certain user information. In the Services page of the Tectia Server Configuration tool the first list is Groups. That refers groups defined in the Tectia Server with selectors, not groups in the operating system (although those can be used in selectors). The next parameter is Rules where services are assigned to Tectia groups. Services are defined as the functions provided by Tectia Server (terminal, sftp, tunneling, remote command execution). To restrict access to one set of directories via sftp to a group named 'sftpusers' and allow access to all drives and services to all other users, please do the following:
Define groupIn the Services page 'Add' a group:
Define servicesNext, delete the default (unnamed) Rule. Next 'Add' a new one. A 'Rule' dialog will open: 1) In the name field type the name of the group to which this rule set applies. In this example, the sftpusers group is defined, and only SFTP access is allowed.
answered Dec 23 '10 at 16:58
Alan - Tectia Support ♦