Hello, Firstly my apologise for my english. I m a french guy. If i want to used FTPs accounts for one client. can i use The shell USER? Because i try! all is ok! but the user can read or seen all of parts in the server... he's not blocked on his home or website path... Do you have some idea for my problem? If i use jailkit, the conection doesnt work. MY ISPConfig : 3.1.2 Sytem: Debian Jessie TKx
I guess you mix up FTPS and SFTP. FTPS (FTP over SSL / TLS) is FTP and requires an FTP user while SFTP is SSH and requires an SSH user. So if you want to have secure FTP connections easily, then switch your FTP program to FTPS mode instead of SFTP mode.
Oh yes! Excuse me. My question was SFTP... oops My connection with winscp work, But i need the client stay on his folder. Now he have all the visibility with the others clients ... I want stay with ISPconfig/ is why i use the function "User shell " on ISPConfig
WinSCP support FTPS as well. Select as connection type "FTP" and then choose "TLS / SSL" as encryption method. This way you can use an FTP user and not SSH user in a secure way and you stay in that directory.
Hello this method work but: The connection dont open the good directory... i need, the user connect on the root of his website. And if the client try with SSH , the connection work too... but he still have the visibility on all the server... What is the good operation i need to make. Create a Shell User? and? modify the home directory? (on my isp he directory is on the good way.. /var/www/clients/client3/web7) If i activated Jaikit, doesn't work.. Excuse me but i'm not good with Linux ...
The directory is configurable on the options tab of the FTP user and the user is limited to the website. So this option provides everything that you requested, a secure Login with WinSCP to the site. A non-jailed SSH user can always see the whole server. This won't help you at all as shell users without jail are not limited to any directory. Jailkit works for SSH logins only, not SFTP. If you want to use jailkit for SCP, then you will have to reconfigure so that the jail contains all programs that are needed for scp. But I won't do that as there is a better and secure method that I described at the beginning.