Granting FTP access to one domain only on a droplet in var/www

July 2, 2019 134 views
Deployment Apache DigitalOcean Ubuntu 16.04

Hi everyone!

We have an ubuntu server with about ten different websites on it.

Login is by SSH keys.

I want now to create an SFTP user with access to one domain only.

Is there a tutorial on this? I thought it would be easy but it's proving tricky!

Thanks for reading,

1 Answer

Hello, there is a tutorial for this here:

https://www.digitalocean.com/community/tutorials/how-to-enable-sftp-without-shell-access-on-ubuntu-16-04

This will disable SSH access and limit the logged in SFTP user to one directory, eg, the web root directory for your one website/domain.

Even with the tutorial, this is a challenging bit of setup so proceed with caution and don't forget to backup your droplet in case you need to roll back.

Please let us know how it goes or if you have any questions about the tutorial and process.

Good luck!

by Mateusz Papiernik
SFTP stands for SSH File Transfer Protocol. As its name suggests, it's a secure way of transferring files to a server using an encrypted SSH connection. In a standard configuration, the SSH server grants file transfer access and terminal shell access to all users with an account on the system. In this tutorial, we'll set up the SSH daemon to limit SFTP access to one directory with no SSH access allowed on per user basis.
Have another answer? Share your knowledge.