i'm having trouble forcing users to only be able to use sftp when connecting over ssh.
I have the following lines in my /etc/ssh/sshd_config:
Subsystem sftp /usr/libexec/openssh/sftp-server
Match user USERNAME
ForceCommand internal-sftp
But when I try to connect via sftp, i get the error:
error: subsystem: cannot stat /usr/libexec/openssh/sftp-server: No such file or directory
subsystem request for sftp failed, subsystem not found
However, the file /usr/libexec/openssh/sftp-server does exist and seems to be working fine. If I don't try and force the connection to be sftp, then I can ssh in just fine, so the ssh daemon seems to be handling things correctly, but forcing sftp is not.
Does anyone have any suggestions? I've tried searching for answers but all the solutions i've found seem to be about the sftp-server not being in the correct place. For me though, the file is definitely there.
I'm using CentOS 6, and OpenSSH 5.3p1. Thanks for any help.
Best Answer
Do you use "ChrootDirectory"? That would explain "file not found" if your "/usr/libexec/openssh/sftp-server" exist.
You should use "Subsystem sftp internal-sftp" instead (or give up on Chroot)