How to Add New SSH/SFTP User to Ubuntu to Specific Directory?

Many developers face the problem where they are insisted to share server details. Actually, the exchange of server details sometimes becomes mandatory in order to fulfill the requirement of the project.

We also understand, no one wants to make a client unhappy. Hence you decided to share your FTP details. Also, there is not only a single code or website is hosted on the server.

There is n number of things that need to be protected from a third party. In such a scenario, if we get an option to share the details with limited access, it will be great.

So SFTP gives the flexibility to share only the limited access where the client would have the access to the allowed files only. Here we will let you know the method to set up SFTP.

Before going to the processes directly, make sure you are implementing them on UBUNTU because the mentioned steps are specific to it.

SFTP User (Restrictive)

/home/yoursite.com is your root directory and when you need to run the shared code, change it to /home/yoursite.com as the root directory of the site.

New User Creation

To initiate the process, you need to create a new user and give it the id as “Client_User”. /home/yoursite.com should be assigned to the user as a Home Directory.

Now you need to fire up the terminal so that a connection with the server could be made. After the successful connection, the mentioned code can be used to create a new user.

sudo useradd -d /home/yoursite.com client_user

Please Note: Do not forget to change the name “Client_User” with the username of your choice. Also, replace /home/yoursite.com with the directory that has been assigned to that user.

How to set the password?

Password specific to the user can be created using the given code:

sudo passwd client_user

Now you have created the USER & set the PASSWORD as well. We need to make some changes to the SSH configuration. Furthermore, in order to restrict the access execute the below-given code.

Restrict Access

Go to the file /etc/ssh/sshd_config and append the shared command:

subsystem sftp internal-sftp
Match User client_user
ChrootDirectory %h
AllowTCPForwarding no
X11Forwarding no
ForceCommand internal-sftp

h%: Home Directory

PS: Replace the “Client_User” name with a name you have preferred.

Once it is done, save the file and restart SSH services. In order to start, follow the code:

sudo service ssh restart

Here you are done. Now test the system by entering the set Username and Password.