Question Best way to add sftp user to be jailed within an existing host

[Paul Larson]

Server operating system version

Ubuntu 22.04.4 LTS

Plesk version and microupdate number

Obsidian Version 18.0.62 Update #2, last updated on July 29, 2024 11:19 PM

There are numerous threads that cover this issue, many I've read, but I can't seem to master this workflow.

• A domain exists, example.com, with user: example
• A directory exists, /var/www/vhosts/example.com/upload
• I'd like an sftp user (not ftp) jailed to /var/www/vhosts/example.com/upload

FTP is not an option for the client. FTP or over TLS not an option.

I've solved this in the past, but always felt I'm over-working something. My norm has been:

• Create completely separate ssh user (as root user, not in Plesk)
• Create group (usermod command), such as my-group, where 'example' and 'additional_user' are members
• Set directory ownership of /var/www/vhost/example.com/upload to example:my-group
• Then, the ssh user additonal_user can navigate to this 'upload' directory and upload files - but they can also navigate the rest of the web property

Paul

 

[Kaspar@Plesk]

I can't really think of any another way than what you've described already. Which is not to say there isn't any other way to accomplice, but to me your approche makes sense

 

[serbanovvostrov2]

I'm trying to search a solution for this and found this article: Plesk: Enable SFTP access for additional FTP users. Works but the user is not properly jailed, maybe you can take a look and if you can fix it can let me know as well