I've set up an OpenSSH SFTP connection with the help of documentation and WinSCP and want a colleague to be able to upload files to my computer using this SFTP connection.
- I've created a new local user on my machine and when I test the connection, I'm able to view all folders, root directory, etc., but am unable to access any other folders except the one which I created (which is good), however I need to limit the permissions so the new user can only view the folder they're to upload the file to.
- I've checked the permissions on via Properties > Permissions > Security to see the users/groups that have access and have removed the new user from the
users
group - The new user doesn't appear to have access to any folder, but when I connect using [WinSCP] SFTP, I'm still able to see all folders; however, when I click a folder, I don't have access to it and receive an error.
How can I restrict the new user to only have access to view a single folder, as well as force the SFTP connection to open to that folder upon connecting?
net user add
; (2) Create a non-default group for that specific user; (3) Ensure the new user is removed from all other groups; (4) Add that user to the ACL for the folder you want the user to access, providing the user only Files Only access (it may need to This Folder and Files) with Write Only privs. Also seeicacls /?
net user <username>
return anyGroup memberships
? You may have to explicitly Deny the new user access toC:
, selecting This folder, subfolders, and files. I've never done so before, so you may have to play with this a little to find the right combination, as doing so toC:
may block that user's access to the folder you want access to; if so, you may need to use the Advanced Permissions section if using the GUI.