By Steve Lack
I am trying to set up my droplet so that an SFTP user can’t move up to view other directories above their own /home.
I added the following to sshd_config:
Match Group filetransfer ChrootDirectory %h X11Forwarding no AllowTcpForwarding no ForceCommand internal-sftp
Then I added the user the group filetransfer .
Then I added chown user:filetransfer /home
At that point the user is not able to log in via SFTP at all. What am I missing?
Thanks!
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
Check your /var/log/auth.log And make sure your sftp is unlocked in your firewall.
Become a contributor for community
Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.
DigitalOcean Documentation
Full documentation for every DigitalOcean product.
Resources for startups and SMBs
The Wave has everything you need to know about building a business, from raising funding to marketing your product.
The developer cloud
Scale up as you grow — whether you're running one virtual machine or ten thousand.
Get started for free
Sign up and get $200 in credit for your first 60 days with DigitalOcean.*
*This promotional offer applies to new accounts only.