Question

Restrict the new user

Hi;

I want to restrict my new created user. Only the /home/user section can be accessed. How can I do that?

Subscribe
Share

I found the answer. For those seeking the same;

Create a new group

sudo addgroup exchangefiles

Create the chroot directory

sudo mkdir /var/www/GroupFolder/
sudo chmod g+rx /var/www/GroupFolder/

Create the group-writable directory

sudo mkdir -p /var/www/GroupFolder/files/
sudo chmod g+rwx /var/www/GroupFolder/files/

Give them both to the new group

sudo chgrp -R exchangefiles /var/www/GroupFolder/

after that i went to /etc/ssh/sshd_config and i added in the end of the file

Match Group exchangefiles
  # Force the connection to use SFTP and chroot to the required directory.
  ForceCommand internal-sftp
  ChrootDirectory /var/www/GroupFolder/
  # Disable tunneling, authentication agent, TCP and X11 forwarding.
  PermitTunnel no
  AllowAgentForwarding no
  AllowTcpForwarding no
  X11Forwarding no

Now I’m going to add new user with obama name to my group

sudo adduser --ingroup exchangefiles obama 

now every thing is completly finish we need one commend to restart the ssh again

sudo service ssh restart

notice: the user now can’t do any thing out file directory I mean all his file must be in file Folder


Submit an answer
You can type!ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Use permission 700 and make sure the folder owner is correct.