
Setting up SFTP on Ubuntu Linux

Here is how I set up and configure SFTP on my Ubuntu server.

  • Install the OpenSSH Server:

If you haven’t already installed the SSH server, you can do so with the commands below.

sudo apt update
sudo apt install openssh-server

  • Let’s now verify that the SSH service is running.

sudo systemctl status ssh

  • Let’s configure SFTP

By default, any user with SSH access to the server can use SFTP to access their home directories. If you want to restrict SFTP users to their home directory, you should “chroot” them.

Let’s edit the SSH server configuration file:

sudo nano /etc/ssh/sshd_config

Add the following at the bottom of the file:

Match Group sftpusers
ChrootDirectory %h
ForceCommand internal-sftp
AllowTcpForwarding no
PasswordAuthentication yes

Save and close the file.

  • Let’s create the sftpusers group and a user account and then add the user to the group.

sudo addgroup sftpusers
sudo adduser newusername
sudo adduser newusername sftpusers

  • Finally, let’s set ownership and permissions on the chroot directory.

sudo chown root:root /home/newusername
sudo chmod 755 /home/newusername
sudo mkdir /home/newusername/files
sudo chown newusername:sftpusers /home/newusername/files

Now, the user will be chrooted into their home directory when they log in with SFTP and they won’t be able to navigate outside of it. It’s important to remember that when using chroot with SFTP, you must always ensure that the chroot directory and all of its parent directories remain owned by ‘root’ and are not writable by the chrooted user. If this is not the case, then the chroot environment could be bypassed, leading to security issues.
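The ownership rule above can be checked mechanically. The script below is an added example, not part of the original post: it walks from the chroot directory up to / and reports every component that is not owned by root (UID 0) or that is writable by group or others, the condition sshd enforces on ChrootDirectory. The function names and the optional UID argument of check_component are assumptions made for this example, and it relies on GNU stat as shipped with Ubuntu.

```shell
#!/bin/sh
# Added example (not from the original post): audit a ChrootDirectory path.
# Function names are hypothetical; requires GNU stat (coreutils).

# check_component DIR [UID]: succeed only if DIR is a directory owned by
# UID (default 0 = root) and not writable by group or others.
check_component() (
    path=$1
    want_uid=${2:-0}
    [ -d "$path" ] || { echo "FAIL $path: not a directory"; exit 1; }
    uid=$(stat -c %u "$path") || exit 1
    mode=$(stat -c %a "$path") || exit 1
    rc=0
    [ "$uid" = "$want_uid" ] || {
        echo "FAIL $path: owner uid $uid, expected $want_uid"; rc=1; }
    # Leading 0 makes the shell read the mode as octal; 022 = g+w | o+w.
    [ $(( 0$mode & 022 )) -eq 0 ] || {
        echo "FAIL $path: mode $mode is writable by group or others"; rc=1; }
    exit "$rc"
)

# check_chroot_path DIR: apply check_component (root-owned) to DIR and to
# every parent up to /. Symlinks are resolved first with pwd -P.
check_chroot_path() (
    dir=$(cd "$1" 2>/dev/null && pwd -P) || {
        echo "FAIL $1: cannot resolve directory"; exit 1; }
    rc=0
    while :; do
        check_component "$dir" 0 || rc=1
        [ "$dir" = / ] && break
        dir=$(dirname "$dir")
    done
    [ "$rc" -eq 0 ] && echo "OK $1: all components root-owned, not group/other-writable"
    exit "$rc"
)

# Run against a path given on the command line, e.g. /home/newusername
if [ "$#" -gt 0 ]; then
    check_chroot_path "$1"
fi
```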

Filtering Sessions on a FortiGate Firewall

To view filtered sessions in the Fortinet command-line interface (CLI) on a FortiGate firewall, use the “diagnose sys session list” command after applying the filtering options you want.

  1. Access the FortiGate CLI through an SSH or console connection. You can use a program like PuTTY or a Windows terminal.
  2. Log in with your administrator credentials.
  3. Use the “diagnose sys session filter” command with the desired filtering options. For example, to filter sessions sourcing from 192.168.1.10:

diagnose sys session filter src 192.168.1.10

  4. After applying the filter, use the “diagnose sys session list” command to view the filtered sessions:

diagnose sys session list

This command will display the list of sessions that match your specified filtering criteria.

The output may be quite large, depending on the number of sessions matching the filter, but thankfully you can use additional options with the “diagnose sys session list” command to customize the output, like specifying the number of sessions to display or filtering based on specific session states.

Let’s look at an example to limit the number of displayed sessions to 100:

diagnose sys session list | head -n 100

Now let’s filter for sessions that are currently in an established state.

diagnose sys session list | grep "ESTABLISHED"

Please remember that the CLI is case-sensitive and you will need to enter the filtering parameters correctly to get accurate results.

Now that we have found the sessions that we might want to clear, let’s run the command below to clear the pesky connections. Remember that using this command without any filters applied will clear all sessions currently open on the FortiGate unit. BE CAREFUL!

diagnose sys session clear

Thanks for reading and please check out our YouTube channel for more content.