Hi there,
just wanted to share some information about setting up proftpd as sftp server with froxlor users.
I searched for this solution but couldn't find anything that suited my needs.
So, what I wanted to achieve was the following:
Using Froxlor FTP-Account management
No SSH Access for FTP-Users
Chroot for FTP-Users
No FTP Protocol (to avoid Firewall-Config-Nightmares)
No interference with standard ssh access
The setup was quite easy/straight-forward:
1st edit /etc/proftpd/modules.conf and add following line:
LoadModule mod_sftp.c
2nd edit /etc/proftpd/sql.conf and add following line:
Include /etc/proftpd/sftp.conf
3rd create file /etc/proftpd/sftp.conf with following content:
<IfModule mod_sftp.c>
SFTPEngine on
SFTPLog /var/log/proftpd/sftp.log
SFTPHostKey /etc/ssh/ssh_host_dsa_key
SFTPHostKey /etc/ssh/ssh_host_rsa_key
</IfModule>
4th restart proftpd:
service proftpd restart
Now your users are able to login to SFTP using standard FTP Port 21 (and you only need to open that port in your firewall), SSH File Transfer Protocol and will only be able to write to the FTP-Directory (i.e. customers home).
Hope this helps someone.