Member-only story

How to restrict SFTP Users Access

2 min readDec 13, 2021

Creating SFTP or FTP user is easy, but as default, it can access all your server files. So we need to restrict the access of the SFTP User you have been created. Here are the following steps on how you can do it.

Create a Group

$ groupadd developers

Create a new user and add it to the developers group

$ useradd -G developers dev_user

Ensure that user added properly to group developers:

$ id dev_userSample outputs:uid=1122(dev_user) gid=1125(dev_user) groups=1125(dev_user),1124(developers)

Restrict user from login in using ssh

$ usermod -s /usr/sbin/nologin dev_user

Set user password

$ passwd dev_user

Create Home Directory for user

$ mkdir /var/www/html/web/developers //parent of home directory, set to root user and group
$ mkdir /var/www/html/web/developers/public

Set Home Directory Access

$ chown dev_user:developers /var/www/html/web/developers/public