User Tools

Site Tools


sftp limit users to home folder

With ssh keys (add user's public key to her home folder)

1. Add to end of /etc/ssh/sshd_config:

#Subsystem sftp /usr/lib/openssh/sftp-server
Subsystem sftp internal-sftp -f AUTH -l VERBOSE
Match group sftp
  ForceCommand internal-sftp
  ChrootDirectory %h
  X11Forwarding no
  AllowTcpForwarding no

2. Create group:

groupadd sftp

3. Create user and add it to the group:

useradd -d <home holder>  -m <username> -g sftp -s /bin/false

4. Home folder for the new sftp user has to be given to root owner and have correct permissions:

chown root:sftp <home folder>
chmod 755 <home folder>


service ssh restart

NOTE: if you need read/write access in /var/www folder, users need to be in www-data group.

usermod -aG www-data <username>

Tested on

See also


wiki/sftp_limit_users_home_folder.txt · Last modified: 2022/11/01 11:10 by antisa

Except where otherwise noted, content on this wiki is licensed under the following license: CC0 1.0 Universal
CC0 1.0 Universal Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki