How to: Turning off SFTP server under Linux / UNIX cpanel server

October 10, 2007in CentOS, Debian / Ubuntu, HP-UX Unix, Networking, Openbsd, RedHat and Friends, Security, Solaris-Unix, Ubuntu Linux, UNIX last updated October 10, 2007

Q. I’ve CentOS Linux cpanel server. I’d like to turn off SFTP server but only allow SSH for root user. How do I trun off sftp server?

A. OpenSSH / sshd reads configuration data from /etc/ssh/sshd_config. The file contains keyword-argument pairs, one per line. Lines starting with â€˜#â€™ and empty lines are interpreted as comments. Configures an external subsystem such file transfer daemon (SFTP) done through this file only. Arguments should be a subsystem name and a command to execute upon subsystem request. The command sftp-server implements the â€œsftpâ€ file transfer subsystem. sftp-server is a program that speaks the server side of SFTP protocol. sftp-server is not intended to be called
directly, but from sshd using the Subsystem option.

Disable / Turn off sftp server

Open /etc/ssh/sshd_config file:
# vi /etc/ssh/sshd_config
Find line that read as follows:
Subsystem sftp /usr/lib/openssh/sftp-server
Remove or comment out line by prefixing #:
# Subsystem sftp /usr/lib/openssh/sftp-server
Save and close the file. Restart sshd service:
# /etc/init.d/sshd restart

Posted by: Vivek Gite

The author is the creator of nixCraft and a seasoned sysadmin and a trainer for the Linux operating system/Unix shell scripting. He has worked with global clients and in various industries, including IT, education, defense and space research, and the nonprofit sector. Follow him on Twitter, Facebook, Google+.

9 comment

Kilian says:

June 23, 2011 at 6:35 pm

so its gonn abe normal FTP then? cause SFTP was so slow I couldnt work on it
Marc says:

December 5, 2011 at 2:52 pm

No it doesn’t. Not much support on how to enable normal (non secure) FTP ;p
Nenad Marjanovic says:

January 8, 2013 at 8:15 pm

Better solution is to replace :

Subsystem sftp /usr/lib/openssh/sftp-server

Replace with :

Subsystem sftp /bin/false
1. Jon says:
  
  June 2, 2014 at 5:39 pm
  
  Why is that a better solution?
  1. ovi says:
    
    June 12, 2014 at 1:27 pm
    
    because that one works…
    1. argon says:
      
      June 11, 2015 at 1:29 pm
      
      Yup, he is right, .. its better coz it works. Tried on Ubuntu also.
      Thanks ovi.
Dhruva says:

April 16, 2016 at 5:40 am

Hi,

I read your answer for disabling sftp in server. But my problem is I am having “Subsystem sftp /usr/libexec/openssh/sftp-server” instead of “Subsystem sftp /usr/lib/openssh/sftp-server” what you have said.

And also I have commented out(#) that line and restarted sshd, but it’s not working for me. Please help me.

Thanks.
Garima Jain says:

June 21, 2016 at 8:37 am

Is there a way to run only SFTP on port 22 and ssh on a different port? SSH should not respond on 22.

-Garima Jain.
igor says:

September 23, 2016 at 1:05 am

Comment out the line that says Subsystem sftp /usr/libexec/openssh/sftp-server with a #, so it looks like:
# Subsystem sftp /usr/libexec/openssh/sftp-server
And add a line just below like this:
Subsystem sftp /bin/false

Comments are closed.

Tagged as: centos linux, configuration data, cpanel, disable sftp-server, openssh, root user, sftp server, ssh, sshd, UNIX

Disable / Turn off sftp server

Posted by: Vivek Gite

Share this on:

9 comment