Related

How to resize my file system in ubuntu after resizing a droplet? Question Question
Permissions on /var/www/html for uploading web site files via SFTP Question Question

Question

Restricting a users SFTP access to one directory.

Posted February 7, 2016 3k views
Linux BasicsUbuntuLinux Commands

I am trying to set up my droplet so that an SFTP user can’t move up to view other directories above their own /home.

I added the following to sshd_config:

Match Group filetransfer
ChrootDirectory %h
X11Forwarding no
AllowTcpForwarding no
ForceCommand internal-sftp

Then I added the user the group filetransfer .

Then I added chown user:filetransfer /home

At that point the user is not able to log in via SFTP at all. What am I missing?

Thanks!

Add a comment
stevelack
By:
stevelack
Add a comment

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
1 answer
ddulic February 7, 2016

Check your /var/log/auth.log
And make sure your sftp is unlocked in your firewall.

Reply Report
Submit an Answer

Related

Looking for something else?

Ask a new question Search for more help