Security problem with sftp access (with regular user)

JHOSMAN · March 3, 2025, 7:56pm

Hi, I have a security issue

I have created a new hestiaCP user, to which I assigned the bash role, so that it can access via SSH or SFTP, however this new hestiacp user can browse all the directories of my server in the root, how can I restrict users, so that they can only access the user’s root.

I can see all the users in the /home directory, also all the directories in the / root

Thanks.

Raphael · March 3, 2025, 8:09pm

User with bash permission can see all home folders but not read them This is not a security issue, it’s by design. Stick to jailed ssh or no shell for jailed sftp.

JHOSMAN · March 3, 2025, 8:30pm

Thanks i update the user profile to jailbash

system · April 2, 2025, 8:30pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.