Mdthbs

If a creature is blocking and it has vigilance does it still tap?

How can solar sailed ships be protected from space debris?

Do I need to be legally qualified to install a Hive smart thermostat?

My players like to search everything. What do they find?

Blood-based alcohol for vampires?

Story about two rival crews terraforming a planet

Auto replacement of characters

Do the 26 richest billionaires own as much wealth as the poorest 3.8 billion people?

A student "completes" 2-week project in 3 hours and lies about doing it himself

Is it possible that Curiosity measured its own methane or failed doing the spectrometry?

Are there advantages in writing by hand over typing out a story?

How come having a Deathly Hallow is not a big deal?

Bootstrap paradox with a time machine in iron

How long had Bertha Mason been in the attic at the point of the events in Jane Eyre

When you're given a degree sequence, what is the method to draw a graph which has that degree sequence?

Should I cross-validate metrics that were not optimised?

3D nonogram – What's going on?

Why is the saxophone not common in classical repertoire?

How frequently do Russian people still refer to others by their patronymic (отчество)?

gzip compress a local folder and extract it to remote server

What caused the flashes in the video footage of Chernobyl?

Who are the police in Hong Kong?

What could a Medieval society do with excess animal blood?

Magento 2: I am not aware about magneto optimization. Can you please share the steps for this?

Restrict SFTP users to different directories

How can I restrict ssh user to particular directory with write permission?How to write in home user with chrooted sftpHow to set up chrooted and non-chrooted sftp?setting up sftp users only second instances of sshdSSH with chroot and only working “sftp”, “rsync” (both)?Allow user to connect using SSH or SFTP but limit to home dir (Centos7)Debian SFTP WinSCP “Authentication failed.” User in Group can't establish SFTP connectionchroot multiple directories in linux using active directory groupsLogging Chrooted Users SFTP Activityrestricting of Sftp users setupTrying to add an SFTP user without changing ownership to them

.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty{ margin-bottom:0;
}

2

2

How can I restrict some users/groups to some directories? I mean different users, different directories.

• What I have: Ubuntu 14.


• Experience with Ubuntu: Just started.

What I have tried:

1. I read this page. This was working till a bit extent, what the problem is that, the user can do things only in his folder/directory, which is read/write and edit, but the user can also go elsewhere, and open files and copy scripts from there, which can be risky as while having a game server on the VPS. He can't delete/edit or add files but can VIEW files other than his directory.




2. And, then this page. This worked fine, but the problem is, I couldn't find a way to add more users to different directories. Like, I could only add one user to directory which was specified in sshd_config file. There is only one directory which can be restricted for one group. I want it to be flexible, able to add different users to different directories... groups.

Here is what I'm talking about: sshd_config

Subsystem sftp internal-sftp

Match group shooter

ChrootDirectory /home/shooter/shooter/mods

X11Forwarding no

AllowTcpForwarding no

ForceCommand internal-sftp

That shooter group can only access that ChrootDirectory. If I add different users to that group, they'll be able to view only that path. I want other users to view other directories, how is that possible?

Please help me, It's really important for me, as I've many game-servers to handle on a VPS, working with different developers.

ssh chroot sftp account-restrictions

share|improve this question

edited Sep 19 '15 at 15:02

Gilles

561k134134 gold badges11571157 silver badges16641664 bronze badges

asked Sep 19 '15 at 13:06

Shikhar BahetiShikhar Baheti

1122 bronze badges

bumped to the homepage by Community♦ 1 hour ago

This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.

• 
  
  
  

  
  1
  

  
  
  
  
  
  

  
  
  just a remark ssh (and sftp) have nothing to do with vsftpd who have a configuration of its onw (/etc/vsftpd/vsftpd.conf)
  
  – Archemar
  Sep 19 '15 at 14:17
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  Do you want some sense of security with an unencrypted FTP? Is it in some SOHO LAN, or?
  
  – Incnis Mrsi
  Sep 19 '15 at 14:24
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  It is a Ubuntu VPS, security can be left out if the thing works.
  
  – Shikhar Baheti
  Sep 19 '15 at 14:49
  

  
  
  
  

add a comment | 

2

2

How can I restrict some users/groups to some directories? I mean different users, different directories.

• What I have: Ubuntu 14.


• Experience with Ubuntu: Just started.

What I have tried:

1. I read this page. This was working till a bit extent, what the problem is that, the user can do things only in his folder/directory, which is read/write and edit, but the user can also go elsewhere, and open files and copy scripts from there, which can be risky as while having a game server on the VPS. He can't delete/edit or add files but can VIEW files other than his directory.




2. And, then this page. This worked fine, but the problem is, I couldn't find a way to add more users to different directories. Like, I could only add one user to directory which was specified in sshd_config file. There is only one directory which can be restricted for one group. I want it to be flexible, able to add different users to different directories... groups.

Here is what I'm talking about: sshd_config

Subsystem sftp internal-sftp

Match group shooter

ChrootDirectory /home/shooter/shooter/mods

X11Forwarding no

AllowTcpForwarding no

ForceCommand internal-sftp

That shooter group can only access that ChrootDirectory. If I add different users to that group, they'll be able to view only that path. I want other users to view other directories, how is that possible?

Please help me, It's really important for me, as I've many game-servers to handle on a VPS, working with different developers.

ssh chroot sftp account-restrictions

share|improve this question

edited Sep 19 '15 at 15:02

Gilles

561k134134 gold badges11571157 silver badges16641664 bronze badges

asked Sep 19 '15 at 13:06

Shikhar BahetiShikhar Baheti

1122 bronze badges

bumped to the homepage by Community♦ 1 hour ago

This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.

• 
  
  
  

  
  1
  

  
  
  
  
  
  

  
  
  just a remark ssh (and sftp) have nothing to do with vsftpd who have a configuration of its onw (/etc/vsftpd/vsftpd.conf)
  
  – Archemar
  Sep 19 '15 at 14:17
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  Do you want some sense of security with an unencrypted FTP? Is it in some SOHO LAN, or?
  
  – Incnis Mrsi
  Sep 19 '15 at 14:24
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  It is a Ubuntu VPS, security can be left out if the thing works.
  
  – Shikhar Baheti
  Sep 19 '15 at 14:49
  

  
  
  
  

add a comment | 

How can I restrict some users/groups to some directories? I mean different users, different directories.

• What I have: Ubuntu 14.


• Experience with Ubuntu: Just started.

What I have tried:

1. I read this page. This was working till a bit extent, what the problem is that, the user can do things only in his folder/directory, which is read/write and edit, but the user can also go elsewhere, and open files and copy scripts from there, which can be risky as while having a game server on the VPS. He can't delete/edit or add files but can VIEW files other than his directory.




2. And, then this page. This worked fine, but the problem is, I couldn't find a way to add more users to different directories. Like, I could only add one user to directory which was specified in sshd_config file. There is only one directory which can be restricted for one group. I want it to be flexible, able to add different users to different directories... groups.

Here is what I'm talking about: sshd_config

Subsystem sftp internal-sftp

Match group shooter

ChrootDirectory /home/shooter/shooter/mods

X11Forwarding no

AllowTcpForwarding no

ForceCommand internal-sftp

That shooter group can only access that ChrootDirectory. If I add different users to that group, they'll be able to view only that path. I want other users to view other directories, how is that possible?

Please help me, It's really important for me, as I've many game-servers to handle on a VPS, working with different developers.

ssh chroot sftp account-restrictions

share|improve this question

edited Sep 19 '15 at 15:02

Gilles

561k134134 gold badges11571157 silver badges16641664 bronze badges

asked Sep 19 '15 at 13:06

Shikhar BahetiShikhar Baheti

1122 bronze badges

Subsystem sftp internal-sftp

Match group shooter

ChrootDirectory /home/shooter/shooter/mods

X11Forwarding no

AllowTcpForwarding no

ForceCommand internal-sftp

share|improve this question

edited Sep 19 '15 at 15:02

Gilles

561k134134 gold badges11571157 silver badges16641664 bronze badges

asked Sep 19 '15 at 13:06

Shikhar BahetiShikhar Baheti

1122 bronze badges

share|improve this question

edited Sep 19 '15 at 15:02

Gilles

561k134134 gold badges11571157 silver badges16641664 bronze badges

asked Sep 19 '15 at 13:06

Shikhar BahetiShikhar Baheti

1122 bronze badges

edited Sep 19 '15 at 15:02

Gilles

561k134134 gold badges11571157 silver badges16641664 bronze badges

edited Sep 19 '15 at 15:02

Gilles

561k134134 gold badges11571157 silver badges16641664 bronze badges

asked Sep 19 '15 at 13:06

Shikhar BahetiShikhar Baheti

1122 bronze badges

asked Sep 19 '15 at 13:06

Shikhar BahetiShikhar Baheti

1122 bronze badges

1 Answer
1

active

oldest

votes

0

Change ChrootDirectory /home/shooter/shooter/mods to ChrootDirectory %h doing so you can restrict users of that groups to their home directory.

Subsystem sftp internal-sftp

Match group shooter

ChrootDirectory %h

X11Forwarding no

AllowTcpForwarding no

ForceCommand internal-sftp

Follow this for write issue sftp_with_write_issue

share|improve this answer

edited Apr 13 '17 at 12:36

Community♦

1

answered Sep 8 '16 at 11:55

VinayakVinayak

622 bronze badges

add a comment | 

Your Answer

StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "106"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});

function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});


}
});

draft saved

draft discarded

Sign up or log in

StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});

Sign up using Google

Sign up using Facebook

Sign up using Email and Password

Post as a guest

Name

Email

Required, but never shown

StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f230709%2frestrict-sftp-users-to-different-directories%23new-answer', 'question_page');
}
);

Post as a guest

Name

Email

Required, but never shown

0

Change ChrootDirectory /home/shooter/shooter/mods to ChrootDirectory %h doing so you can restrict users of that groups to their home directory.

Subsystem sftp internal-sftp

Match group shooter

ChrootDirectory %h

X11Forwarding no

AllowTcpForwarding no

ForceCommand internal-sftp

Follow this for write issue sftp_with_write_issue

share|improve this answer

edited Apr 13 '17 at 12:36

Community♦

1

answered Sep 8 '16 at 11:55

VinayakVinayak

622 bronze badges

add a comment | 

0

Change ChrootDirectory /home/shooter/shooter/mods to ChrootDirectory %h doing so you can restrict users of that groups to their home directory.

Subsystem sftp internal-sftp

Match group shooter

ChrootDirectory %h

X11Forwarding no

AllowTcpForwarding no

ForceCommand internal-sftp

Follow this for write issue sftp_with_write_issue

share|improve this answer

edited Apr 13 '17 at 12:36

Community♦

1

answered Sep 8 '16 at 11:55

VinayakVinayak

622 bronze badges

add a comment | 

Change ChrootDirectory /home/shooter/shooter/mods to ChrootDirectory %h doing so you can restrict users of that groups to their home directory.

Subsystem sftp internal-sftp

Match group shooter

ChrootDirectory %h

X11Forwarding no

AllowTcpForwarding no

ForceCommand internal-sftp

Follow this for write issue sftp_with_write_issue

share|improve this answer

edited Apr 13 '17 at 12:36

Community♦

1

answered Sep 8 '16 at 11:55

VinayakVinayak

622 bronze badges

Subsystem sftp internal-sftp

Match group shooter

ChrootDirectory %h

X11Forwarding no

AllowTcpForwarding no

ForceCommand internal-sftp

share|improve this answer

edited Apr 13 '17 at 12:36

Community♦

1

answered Sep 8 '16 at 11:55

VinayakVinayak

622 bronze badges

edited Apr 13 '17 at 12:36

Community♦

1

edited Apr 13 '17 at 12:36

Community♦

1

answered Sep 8 '16 at 11:55

VinayakVinayak

622 bronze badges

answered Sep 8 '16 at 11:55

VinayakVinayak

622 bronze badges