@2digit
Setting up SFTP isn’t all that difficult, though when it comes to SFTP, the base folder must be owned by root
, thus setting up SFTP on a specific directory wouldn’t be possible as the point is to prevent users from being able to escape (in theory).
So if your home directory (for example) is:
/home/myuser/public_html
… and your themes directory is:
/home/myuser/public_html/wp-includes/themes
Then you won’t be able to setup SFTP on ./themes
as ./wp-includes
isn’t owned by root
and you really don’t want it to be.
The way SFTP works, with the default modifications we’d normally make to SSH’s configuration is that the users defined home directory is owned by root
and directories below it are owned by the user.
For example, if we create a home directory for a new user:
mkdir -p /home/newuser
… create a few directories below it:
mkdir -p /home/newuser/{public,private,logs}
Resulting in:
/home/newuser/public
/home/newuser/private
/home/newuser/logs
Then we add a new user and specify the home directory:
useradd -d /home/newuser newuser
The directory /home/newuser
needs to be owned by root
, else you won’t be able to login. The other directories we created can be owned by newuser
and they should, but if that one directory isn’t owned by the root
user, login will fail.
The only way around this would be to create an SFTP user on another directory and then sync the two using rsync
or lsyncd
, but that adds a little more complexity to something that should be simple.