We are happy to announce that Vesta is back under active development as of 25 February 2024. We are working on v1 candidate and expect to engage more with the community over the coming months. We are committed to open source, and we encourage contributors to help us build the future of Vesta.
How to enable SSH access for users only for file transfers?
How to enable SSH access for users only for file transfers?
As the topic says, how do I enable users to transfers files via SSH FTP only (no shell access) in place of FTP as my server is behind a firewall and FTP passive ports always makes it hard to configure.
Re: How to enable SSH access for users only for file transfe
Hi,
you can enable ssh in the settings of user
"SSH Access"
you can enable ssh in the settings of user
"SSH Access"
Re: How to enable SSH access for users only for file transfe
Hi, but would they be able to access via shell and gain access to admin features?
Otherwise, which ssh access should I enabled (sh, bash, dash, rssh)?
Thank you!
Otherwise, which ssh access should I enabled (sh, bash, dash, rssh)?
Thank you!
Re: How to enable SSH access for users only for file transfe
Maybe they can read files on server, but they cant edit and change server files
It normal for Linux
It normal for Linux
Re: How to enable SSH access for users only for file transfe
I've checked; yes, users are able to access sensitive system files including php.ini, httpd.ini, etc.
Is there a way to jail them to their home directory only?
Is there a way to jail them to their home directory only?
Re: How to enable SSH access for users only for file transfe
Is there any update to this?
I would like to allow SHH acess for my users but have them access files in their own account only. Currently, allowing SSH access on an account grants access to ALL server files.
Thanks for any help.
I would like to allow SHH acess for my users but have them access files in their own account only. Currently, allowing SSH access on an account grants access to ALL server files.
Thanks for any help.
Re: How to enable SSH access for users only for file transfe
The solution is jailing every user in their jail: Creating a Chroot Jail for SSH Access
Re: How to enable SSH access for users only for file transfe
Hi Trentor,
Thanks very much for the reply, it's really appreciated.
I've looked over the link and it's way too complicated for me to follow, sorry. I was hoping there was a way to carry this option easily in VestaCP (selecting a jailed SSH option?) but this doesn't appear to be the case...
Is there a step by step guide anywhere you know of that shows how best to achieve this in VestaCP at all?
Thanks again.
Thanks very much for the reply, it's really appreciated.
I've looked over the link and it's way too complicated for me to follow, sorry. I was hoping there was a way to carry this option easily in VestaCP (selecting a jailed SSH option?) but this doesn't appear to be the case...
Is there a step by step guide anywhere you know of that shows how best to achieve this in VestaCP at all?
Thanks again.
Re: How to enable SSH access for users only for file transfe
Hi Steve,
No, you can't do that directly under Vesta, you need to do it manually, but it's no so hard, there are a lots of manuals on Internet (check out for Jailkit, useful to create SSH jails): Jail SSH
If you don't want to do it manually, the imperio's solution is the best one; your users will have access to list files outside their directories but they will not be able to edit, delete or download that files.
Otherwise, the best solution for me it's try to configure properly the firewall and use a FTP server.
Good luck!!
No, you can't do that directly under Vesta, you need to do it manually, but it's no so hard, there are a lots of manuals on Internet (check out for Jailkit, useful to create SSH jails): Jail SSH
If you don't want to do it manually, the imperio's solution is the best one; your users will have access to list files outside their directories but they will not be able to edit, delete or download that files.
Otherwise, the best solution for me it's try to configure properly the firewall and use a FTP server.
Good luck!!