Okidoki
By:
Okidoki

How to disable FTP, enable SFTP only, Chroot SFTP users in specific folder? Ubuntu 14.04

October 22, 2014 4.3k views

Hi, I'm starting over and building my droplet from scratch (without SSH key. It's too problematic in a long run, IME), and this is the current problem I'm trying to figure out.

I'd like the droplet to only accept SFTP connection via Filezilla. I'd also like the ability to add 1 or 2 SFTP users who are "constrained" / secured within specific folder for security purposes.

Do I need to install specific programs/apps within the droplets? Is there specific tutorials to answers those issues above? I'm extremely confused and overwhelmed with all the available resources that are scattered online. Any help is appreciated. Thanks!

1 comment
  • nevermind, I think i started to figure it out. The only issue is assigning chown to 3 different users:

    -root (disabled for security purposes, but has full sftp access to droplet by default)
    -sudo-user (for SSH access only. Has full sftp access to droplet if needed)
    -sftp-user (access to sftp only to /var/www/example.com/html to upload/edit/delete files. No SSH access whatsover)

    /var/www/example.com/html is essentially the assigned virtual host of the site.

    So how do I alter the following code to accommodate those 3 users above?

    sudo chown -R $USER:$USER /var/www/example.com/html
    
Be the first one to answer this question.