Edit /etc/ssh/sshd_config and make sure to add the following at the end of the file:
Match group groupsftp
ChrootDirectory %h
X11Forwarding no
AllowTcpForwarding no
ForceCommand internal-sftp
Restart OpenSSH:
sudo /etc/init.d/ssh restart
Add new group for SFTP-only users:
sudo addgroup groupsftp
Add new user (make sure to switch out someone in the following steps to your specified someone):
sudo adduser someone
Add user to new group and set permissions:
sudo usermod -G groupsftp someone
sudo chown root:root /home/someone
sudo chmod 755 /home/someone
Create directories for user and set final permissions:
cd /home/someone
sudo mkdir test_folder
sudo chown someone:someone *
Set permission to web root
sudo chown -R someone /var/www
Comments are closed.