I am trying to set up my droplet so that an SFTP user can’t move up to view other directories above their own /home.
I added the following to sshd_config:
Match Group filetransfer ChrootDirectory %h X11Forwarding no AllowTcpForwarding no ForceCommand internal-sftp
Then I added the user the group filetransfer .
Then I added chown user:filetransfer /home
At that point the user is not able to log in via SFTP at all. What am I missing?
Thanks!
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
Check your /var/log/auth.log And make sure your sftp is unlocked in your firewall.