How to Install and Configure MySecureShell in Ubuntu Server Edition

This tutorial will shows you how to installing and Configure MySecureShell on ubuntu server edition. MySecureShell adds interesting features in terms of safety-SFTP Server. This tool uses the OpenSSH encryption to protect data and queries that are issued.There are more problems with the generation of certificates and public and private keys are supported for authentication without password.

Another advantage MySecureShell requires opening a single port for SSH and SFTP!The protocol used is based on the NFS (Network File System) and proves to be much more efficient than the simple FTP protocol.

MySecureShell Features:

  • Support public and private keys for secure authentication without password.
  • Only one port to open for SSH and SFTP (port 22 by default).
  • The protocol used is much more optimized than FTP because it is based on the protocol of the NFS .
  • It’s free and open source.
  • Management of activity of the server with logs.
  • Restrictions of users by ip, groups.
  • Power Encryption.
  • Control of bandwidth.
  • Security rights informations.
  • Easy installation and administration of the server with a graphical interface.
  • No certificate problems non-certified or certificate generation.

MySecureShell Installation is relatively simple, and many parameters can be adjusted.

Installing MySecureShell in Ubuntu Server 12.04/12.10/13.04/13.10

Step 1: You need to add the official repository of MySecureShell for ubuntu  into the file /etc/apt/sources.list by copy and paste the following commands:

cat << EOF | sudo tee -a /etc/apt/sources.list
deb testing main
deb-src testing main

Step 2: To import the GPG signature of the MySecureShell repository, by execute the following commands:

wget -O - "" | sudo apt-key add -

Step 3: Then update your package list and install MySecureShell package

sudo apt-get update
sudo apt-get install mysecureshell

Step 4. Create FTP User for MySecureShell:

Create a group that SFTP users will belong to. In example I’ll create group called “mssftp”.

sudo groupadd mssftp

Create authorized users to make sftp and allowed to do only sftp. In this case I’ll create user johndoe.

sudo useradd -m -s /bin/MySecureShell -g mssftp johndoe

sudo passwd johndoe

If you want to assign the existing users to MySecureShell, use the following commands. in this case I have username “precise”:

sudo usermod -s /bin/MySecureShell -g mssftp johndoe

Configure MySecureShell Server

The main configuration file of MySecureShell is usually called sftp_config , it placed on directory /etc/ssh/. With default configuration MySecureShell will work well. In the configuration file, you can define various per-group security settings. For a complete list of configuration examples, you can found it at here.  Use nano or vi command to editing file  /etc/ssh/sftp_config

This example configuration of MySecureShell with group “mssftp”. In the configuration file, you can define various rule per-group security settings

sudo nano /etc/ssh/sftp_config
<Group mssftp>
        Download                50k     # limit download speed for each connection
        Upload                  0       # unlimit upload speed for each connection
        StayAtHome              true    # limit user to his/her home directory
        VirtualChroot           true    # fake a chroot to the home account
        LimitConnectionByUser   1       # max connection for each account
        LimitConnectionByIP     1       # max connection by IP for each account
        IdleTimeOut             300     # disconnect user if idle too long time (in sec)
        HideNoAccess            true    # hide file/directory which user has no access

Run the following command to Restart MySecureShell service to take effect the saved changes:

/etc/init.d/mysecureshell restart

Connection to sftp server.  

Now you can access sftp server from client computer the program sftp . It is normally present by default in Ubuntu Server edition:

sftp johndoe@


You can also login to SFTP Server from computer client using any ftp client apps with GUI such as FileZilla, BareFTP, Jftp, etc. Enter the user name, password and SFTP port 22 to connect to a ftp server

mysecureshell connect from filezilla

MySecureShell has the following set of commands to administrate your SFTP server. sftp-admin,  sftp-kill,  sftp-state, sftp-user,  sftp-verif,  sftp-who.

Tags: #MySecureShell #Secure FTP #SFTP

No related post!
Must read×