How to set up SFTP accounts via SSH?

Discussion in 'Server Operation' started by webwizzy, Mar 2, 2009.

  1. webwizzy

    webwizzy New Member

    Hello,

    I am just finishing up building my first server. I am able to login to SFTP via my main SSH root account.

    Now I want to create a SFTP user that will have full permissions for public_html as I will be using that account exclusively for uploading files and SFTP access, and not my root account. That user should not have SSH access or any other access.

    Please tell me if it's a good practice, and what commands I need to do it? I am not using any control panels, so only SSH.

    man useradd is too complex for me.

    Thank you
     
  2. falko

    falko Super Moderator ISPConfig Developer

    You can add this at the end of /etc/ssh/sshd_config:

    Code:
    Match User someuser
        AllowTCPForwarding no
        X11Forwarding no
        ForceCommand /usr/lib/openssh/sftp-server

    Restart SSH afterwards. someuser should then have SFTP access.
     
  3. webwizzy

    webwizzy New Member

    After adding the above code, when I restarted sshd, it stopped and did not start again due to some error.

    1. Anyways, I have added a user through useradd, and he has SFTP access by default. I also made him the only user who can su to root, and disallowed root login. Is this a good practice?

    NOW, I am facing some permission problems. I am using nginx webserver.

    - I have my folder structure like this: /home/username/public_html
    - Owner of "home" and "username" is root. Fine!
    - Owner of public_html is "nginx". Okay!

    Now, I am unable to upload files as user "username" in public_html folder (which belongs to nginx). However, if I change the owner of public_html to "username", it works fine.

    2. So, my question is: how do I make my "username" able to add/delete files in folders of other users, except root of course?

    Thank you
     
    Last edited: Mar 3, 2009
  4. falko

    falko Super Moderator ISPConfig Developer

    You can add "username" to the group of the folder (make sure the group has write permissions on that folder).
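
The group-permission advice in the last reply, worked through as an added example that is not part of the original thread: a small diagnostic that reports which permission class (owner, group or other) decides whether a user can create or delete files in a directory. The function names are hypothetical, the sample cases are constructed from the layout described in post 3, and the directory's group is assumed to be named nginx like its owner.

```shell
#!/bin/sh
# Added example (not from the thread). Function names are hypothetical.

# diagnose_write OWNER GROUP MODE USER "USER_GROUPS"
# Prints ok:<class> or denied:<class> for creating/deleting files in a
# directory. Only the FIRST matching class (owner, group, other) is used;
# there is no fall-through. root bypasses these checks and is not modelled.
diagnose_write() {
    owner=$1 group=$2 mode=$3 user=$4 ugroups=$5
    m=$((0$mode))                       # octal string, e.g. 755 or 2775
    if [ "$user" = "$owner" ]; then
        class=owner; bits=$(( (m >> 6) & 7 ))
    else
        class=other; bits=$(( m & 7 ))
        for g in $ugroups; do
            if [ "$g" = "$group" ]; then
                class=group; bits=$(( (m >> 3) & 7 ))
            fi
        done
    fi
    # Adding or removing directory entries needs write (2) AND search (1).
    if [ $(( bits & 3 )) -eq 3 ]; then echo "ok:$class"; else echo "denied:$class"; fi
}

# check_dir DIR USER: read the real owner, group and mode (GNU stat assumed).
check_dir() {
    dir=$1 user=$2
    info=$(stat -c '%U %G %a' "$dir") || return 1
    set -- $info
    diagnose_write "$1" "$2" "$3" "$user" "$(id -Gn "$user")"
}

# Constructed cases modelled on the thread (public_html owned by nginx:nginx):
diagnose_write nginx nginx 755 username "username"        # denied:other
diagnose_write nginx nginx 755 username "username nginx"  # denied:group
diagnose_write nginx nginx 775 username "username nginx"  # ok:group
diagnose_write nginx nginx 707 username "username nginx"  # denied:group
```

On a live system the two changes from the reply are typically made with `usermod -aG nginx username` and `chmod g+w` on the directory, and the user has to start a new session before the added group membership takes effect.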
     
