Vesta Control Panel - Forum

As the topic says, how do I enable users to transfers files via SSH FTP only (no shell access) in place of FTP as my server is behind a firewall and FTP passive ports always makes it hard to configure.

Hi,
you can enable ssh in the settings of user
"SSH Access"

Hi, but would they be able to access via shell and gain access to admin features?
Otherwise, which ssh access should I enabled (sh, bash, dash, rssh)?

Thank you!

Maybe they can read files on server, but they cant edit and change server files
It normal for Linux

I've checked; yes, users are able to access sensitive system files including php.ini, httpd.ini, etc.
Is there a way to jail them to their home directory only?

Is there any update to this?

I would like to allow SHH acess for my users but have them access files in their own account only. Currently, allowing SSH access on an account grants access to ALL server files.

Thanks for any help.

The solution is jailing every user in their jail: Creating a Chroot Jail for SSH Access

Hi Trentor,

Thanks very much for the reply, it's really appreciated.

I've looked over the link and it's way too complicated for me to follow, sorry. I was hoping there was a way to carry this option easily in VestaCP (selecting a jailed SSH option?) but this doesn't appear to be the case...

Is there a step by step guide anywhere you know of that shows how best to achieve this in VestaCP at all?

Thanks again.

Hi Steve,

No, you can't do that directly under Vesta, you need to do it manually, but it's no so hard, there are a lots of manuals on Internet (check out for Jailkit, useful to create SSH jails): Jail SSH

If you don't want to do it manually, the imperio's solution is the best one; your users will have access to list files outside their directories but they will not be able to edit, delete or download that files.

Otherwise, the best solution for me it's try to configure properly the firewall and use a FTP server.

Good luck!!