{{tag>ftp ssh}}

====== sftp limit users to home folder ======
With ssh keys (add user's public key to her home folder)

1. Add to **end** of ///etc/ssh/sshd_config//:

  #Subsystem sftp /usr/lib/openssh/sftp-server
  Subsystem sftp internal-sftp -f AUTH -l VERBOSE

  Match group sftp
    ForceCommand internal-sftp
    ChrootDirectory %h
    X11Forwarding no
    AllowTcpForwarding no

2. Create group:

  groupadd sftp

3. Create user and add it to the group:

  useradd -d <home holder>  -m <username> -g sftp -s /bin/false

4. Home folder for the new sftp user has to be given to root owner and have correct permissions:

  chown root:sftp <home folder>

  chmod 755 <home folder>

5.

  service ssh restart

NOTE: if you need read/write access in ///var/www// folder, users need to be in www-data group.

  usermod -aG www-data <username>

====== Tested on ======
  * 

====== See also ======

====== References ======