By Okidoki
Hi, I managed to create a droplet with SSH public/private keys from the beginning using this tutorial. Obviously, those SSH keys are assigned only for ‘root’ user, so I’d like to add an additional sudo user who can access ONLY /var/www/website.com/html (the default folder for the site’s frontend) folder using Filezilla SFTP with SSH key (no password allowed).
So the question is, how do I pull this off? Is there any tutorial that addresses this? Can the sudo user share the same public/private SSH keys as root? If not, how do I add additional keys without interfering with the existing ones? Thanks in advance!
To limit an SFTP user to a specific directory, you can edit /etc/ssh/sshd_config to include:
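# Applies only to this user; replace "username" with the account name
Match User username
    # The chroot directory and every parent must be root-owned and not group/other writable
    ChrootDirectory /var/www/website.com/html
    AllowTcpForwarding no
    X11Forwarding no
    # SFTP only, no shell
    ForceCommand internal-sftp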
Then restart ssh:
service ssh restart
If you want the same public key that can access your root account to also be able to access the new user account, you can copy over the authorized_keys file. Run:
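mkdir -p /home/username/.ssh/
cp /root/.ssh/authorized_keys /home/username/.ssh/authorized_keys
chown -R username: /home/username/.ssh   # sshd reads authorized_keys as the user, not as root
chmod 700 /home/username/.ssh && chmod 600 /home/username/.ssh/authorized_keys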
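Added example, not part of the answer above: sshd refuses a ChrootDirectory unless every component of the path is a root-owned directory that is not writable by group or others, so this preflight check walks the path before ssh is restarted. The function names `dir_ok` and `chroot_path_ok` are made up for this sketch; the path and `username` are the thread's placeholders.

```shell
#!/bin/sh
# Added example. Paths and "username" are the thread's placeholders.

# dir_ok DIR UID: DIR is a directory owned by UID, not group/other writable.
dir_ok() {
    info=$(ls -ldn "$1" 2>/dev/null) || return 1   # "drwxr-xr-x 2 0 0 ..."
    perms=${info%% *}
    uid=$(printf '%s\n' "$info" | awk '{print $3}')
    [ "$uid" = "$2" ] || return 1
    case $perms in
        d????w*|d???????w*) return 1 ;;   # group-write or other-write bit set
        d*) return 0 ;;
        *) return 1 ;;                    # not a directory
    esac
}

# chroot_path_ok DIR [UID]: apply dir_ok to DIR and each parent up to /.
# UID defaults to 0 (root), which is what sshd requires.
chroot_path_ok() {
    p=$1
    owner=${2:-0}
    case $p in /*) ;; *) echo "need an absolute path: $p" >&2; return 2 ;; esac
    while :; do
        if ! dir_ok "$p" "$owner"; then
            echo "sshd would refuse the chroot because of: $p" >&2
            return 1
        fi
        [ "$p" = / ] && return 0
        p=$(dirname "$p")
    done
}

# Typical use before restarting ssh (run as root):
#   chroot_path_ok /var/www/website.com/html && sshd -t && service ssh restart
```

Because the chroot directory itself has to stay root-owned, uploads need a subdirectory inside it that the SFTP user owns.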