vigikaran · December 16, 2016 23:26
diff --git a/SFTP Only Users b/SFTP Only Users
 # Adding SFTP-only user to Ubuntu Server

 To add a SFTP-only user, you'll need to make sure your SSH config settings are correct, add a new user/group and set permissions for your new user. For step-by-step directions, see below. Omit `sudo` if you're logged in as root.

 ### Directions

 1. Edit `/etc/ssh/sshd_config` and make sure to add the following at the end of the file:
 	
 		Match group filetransfer
 	    	ChrootDirectory %h
 		    X11Forwarding no
 		    AllowTcpForwarding no
 	    	ForceCommand internal-sftp

 2. Restart OpenSSH:

 		sudo /etc/init.d/ssh restart

 3. Add new group for SFTP-only users:
 		
 		sudo addgroup filetransfer

 4. Add new user (make sure to switch out **username** in the following steps to your specified username):

 		sudo adduser username
 		
 5. Add user to new group and set permissions:

 		sudo usermod -G filetransfer username
 		sudo chown root:root /home/username
 		sudo chmod 755 /home/username
 		
 6. Create directories for user and set final permissions:

 		cd /home/username
 		sudo mkdir folder_1 folder_2
 		sudo chown username:username *
 		
 7. Setup a symbolic link to make the user's folder available to the public (`/var/www/...` path will be dependent on your environment):

 		sudo ln -s /home/username/USER_DIRECTORY /var/www/devpress.cbai.us/wordpress/PUBLIC_DIRECTORY/
 		
 	*If you need to view the public directory index, you may have to add a .htaccess file in your PUBLIC_DIRECTORY with: Options +Indexes*

 8. Use [Cyberduck](http://cyberduck.ch/) or another SFTP client to connect. Go have a beer.
	# Adding SFTP-only user to Ubuntu Server

	To add a SFTP-only user, you'll need to make sure your SSH config settings are correct, add a new user/group and set permissions for your new user. For step-by-step directions, see below. Omit `sudo` if you're logged in as root.

	### Directions

	1. Edit `/etc/ssh/sshd_config` and make sure to add the following at the end of the file:

	Match group filetransfer
	ChrootDirectory %h
	X11Forwarding no
	AllowTcpForwarding no
	ForceCommand internal-sftp

	2. Restart OpenSSH:

	sudo /etc/init.d/ssh restart

	3. Add new group for SFTP-only users:

	sudo addgroup filetransfer

	4. Add new user (make sure to switch out username in the following steps to your specified username):

	sudo adduser username

	5. Add user to new group and set permissions:

	sudo usermod -G filetransfer username
	sudo chown root:root /home/username
	sudo chmod 755 /home/username

	6. Create directories for user and set final permissions:

	cd /home/username
	sudo mkdir folder_1 folder_2
	sudo chown username:username *

	7. Setup a symbolic link to make the user's folder available to the public (`/var/www/...` path will be dependent on your environment):

	sudo ln -s /home/username/USER_DIRECTORY /var/www/devpress.cbai.us/wordpress/PUBLIC_DIRECTORY/

	If you need to view the public directory index, you may have to add a .htaccess file in your PUBLIC_DIRECTORY with: Options +Indexes

	8. Use [Cyberduck](http://cyberduck.ch/) or another SFTP client to connect. Go have a beer.