Adding an ssh or SFTP user for Vaultpress

I need to add a new user so wordpress Vaultpress can connect for backups. Thing is it needs read-write access.

Steps so far:

useradd vaultpressr passwd vaultpress usermod -m -d /path/to/website/public vaultpress

usermod -G www-data vaultpress

So now I have a user named vaultpress, who is part of the www-data group, who can SFTP in directly to the directory I need vaultpress to back up.

Except vaultpress can’t write to the directory. Vaultpress needs write ability to put files back.

I frankly don’t know what rights the various groups have, I was hoping that being part of the www-data group would give vaultpress the correct rights.

What to do next.


Submit an answer

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Want to learn more? Join the DigitalOcean Community!

Join our DigitalOcean community of over a million developers for free! Get help and share knowledge in Q&A, subscribe to topics of interest, and get courses and tools that will help you grow as a developer and scale your project or business.


Unless their setup has changed recently, you shouldn’t need to create a separate user. The plugin runs as the user and group that currently owns your files and directories – if that’s www-data, then that’s who the plugin will run as and who the plugin will use to restore files if required.

If you specify another user and files and directories are restored as that user and group, you may run in to issues and have to reset the ownership back to www-data in the event you do need to restore.

By default, files are generally chmod 644 and directories chmod 755.

In the the case of writing files to a directory, a chmod of 755 only provides write permissions to the owner, not the group or other. So even though your vaultpress user is a member of www-data, the group, they are not the owner.

In the case of files, 644 only provides read and write to the owner, while only providing read to the group and other. So, much like with directories, if vaultpress tries to write to a file, it wont be able to.

If your files and directories are owned by www-data:www-data, then that’s what the plugin would and should use.