Blacklisting/whitelisting sftp-server commands

Nico Kadel-Garcia nkadel at
Fri Sep 3 10:36:29 AEST 2021

On Thu, Sep 2, 2021 at 7:10 PM Travis Hayes <travis.hayes at> wrote:
> I'm running OpenSSH_7.4p1 (CentOS7) and have been asked to build a sort of
> "drop box" to allow clients read-only access from a certain directory.

If you can't do it gracefully with SFTP, for whatever reason, consider
sidestepping the issue and using FTPS with vsftpd. As much as I
appreciate OpenSSH and SSH in general, restricted directory access has
never been one of its most graceful uses. And vsftpd takes about 10
minutes to install and set up sanely.

More information about the openssh-unix-dev mailing list