<div>
Hi,&nbsp; you should set the appropriate rights on the cli of the NAS mounted paths. ie similar like a chroot jail environment where you would redefine the user's root / directory upon login. Somethin like: <pre><code class="code-1 nolinks" id="code-20-43024976-1">sudo chown root /home/sftpuser
sudo chmod go-w /home/sftpuser
sudo mkdir /home/sftpuser/writeable
sudo chown sftpuser:sftponly /home/sftpuser/writeable
sudo chmod ug+rwX /home/sftpuser/writeable
</code></pre> Just as an example you can set any other path as write-able as you see fit off course.&nbsp; That way 'sftpuser' or any other user you define won't be able to browse outside the defined perimiters and see all sorts of stuff he or she shouldn't. As access is 'wide open' as a default. As for automated login without prompting for a password then you need to create a client certificate and load it up the sftp server. ie. create a new pass-phrase-free ssh key on the client, and then add it to <code>authorized_keys</code> on your sftp server. Or Like the above , but instead set a passphrase on the key, and use <code>ssh-agent</code> to unlock it prior to running sftp. Cheers
</div>

Software Engineer

noci

<div>
To be clear the public key needs to be added to the server, the user holds the private key.The ssh agent ID unlocking is once / logon (or as long as the ssh-agent runs).
</div>

dfke

<div>
That's not a real restriction. &nbsp;It will work for the non-tech user, but if some hacker got their account, they would still be able to traverse out of those folders. 
 
You need to create a chroot jail if you need it to be more secure. Here's some basic instructions for ubuntu. &nbsp;<a href="https://help.ubuntu.com/community/BasicChroot" rel="ugc">https://help.ubuntu.com/community/BasicChroot</a>
</div>

cloud consultant

enthuguy

<div>
<div class="content wysiwyg-content">
Hi Linux, Network, SFP experts, 
 
could you please suggest, how to restrict a user sftp access 
 
scenario: 
Have a linux server 
Created a local user &quot;sftpuser&quot; on the Amazon Linux server 
Since we just wanted to allow sftp access to a particualar directory 
Installed required sftp packages etc and mounted a NAS drive 
Now, I can sftp to this host without any issues. 
 
My request is 
1. how can I restrict this user &quot;sftpuser&quot; to access only a particular directory (NAS mounted path) with readwrite access 
2. Is it possible to give only a readonly access (not write) to a particular directory (NAS mounted path) 
3. First time it asks for host confirmation and I have to type yes, then all the subsquent login is fine wihtout prompt. So how to avoid them 
 
kindy please help
</div>
</div>

Hi Linux, Network, SFP experts,

could you please suggest, how to restrict a user sftp access

scenario:
Have a linux server 
Created a local user "sftpuser" on the Amazon Linux server
Since we just wanted to allow sftp access to a particualar directory
Installed required sftp packages etc and mounted a NAS drive
Now, I can sftp to this host without any issues.

My request is
1. how can I restrict this user "sftpuser" to access only a particular directory (NAS mounted path) with readwrite access
2. Is it possible to give only a readonly access (not write) to a particular directory (NAS mounted path)
3. First time it asks for host confirmation and I have to type yes, then all the subsquent login is fine wihtout prompt. So how to avoid them 

kindy please help

restrict sftp user access

Linux is a UNIX-like open source operating system with hundreds of distinct distributions, including: Fedora, openSUSE, Ubuntu, Debian, Slackware, Gentoo, CentOS, and Arch Linux. Linux is generally associated with web and database servers, but has become popular in many niche industries and applications.

Linux

The File Transfer Program (FTP) is a standard network protocol used to transfer computer files between a client and server on a computer network. Built on a client-server model architecture, it separates control and data connections between the client and the server. Users may access the server through a sign-in protocol, typically in the form of a username and password.

File Transfer

Networking is the process of connecting computing devices, peripherals and terminals together through a system that uses wiring, cabling or radio waves that enable their users to communicate, share information and interact over distances. Often associated are issues regarding operating systems, hardware and equipment, cloud and virtual networking, protocols, architecture, storage and management.