Hi, I plan to install an SFTP server on one of our domain servers, but beforehand I wanted to set up a dummy server on one of my local workstations.

I used OpenSSH to set up a home location with the folder named SSHTestBed, full path: C:\SSHTestBed

I also created a new user named sshuser and set his home folder as SSHTestBed.

When I right-click->Properties on the SSHTestBed folder, the Security tab shows these permissions for sshuser:
Allow for Full Control, Modify, Read & Execute, List Folder Contents, Read, Write

I am able to connect without any problems with that user, but what troubled me is that I don't JUST see that folder like I would on an FTP server. I can hit the back button to go back to the C: drive and move some folders over to the computer I'm connecting from with WinSCP.

How do I lock down the SFTP server so that a particular connecting user doesn't have free access to the machine running the server?

If it helps, the user sshuser is set up locally under Local Users and Groups, with NO group listed under "Member Of". Could this be the problem?

Two possible issues.
1) When installing/configuring the server, you allowed access to the whole system instead of only to the desired folder.
2) The sshuser has permission (direct or indirect) to the root of the C: drive. For example, all 'Authenticated Users' have permission to create folders below C:\ and all the permissions except Change permissions, Take ownership and Delete subfolders and files. If the sshuser user is authenticated (accepted by the logon), he will have those permissions.

Hope this helps
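
The second point in the reply above can be checked from PowerShell by listing what the broad built-in groups are allowed to do on the drive root and on the home folder. This is an added example, not part of the original posts; the function name `Get-BroadAccess` is hypothetical, and the two paths are the ones given in the question.

```powershell
# Added example: report Allow entries held by the built-in groups that
# typically cover any account that logs on, whatever its "Member Of" tab shows.
$BroadSids = @{
    'S-1-1-0'      = 'Everyone'
    'S-1-5-11'     = 'Authenticated Users'
    'S-1-5-32-545' = 'BUILTIN\Users'
}

function Get-BroadAccess {   # hypothetical helper name
    param([Parameter(Mandatory)][string]$Path)

    $acl = Get-Acl -LiteralPath $Path
    # Request the rules with SID identities so the match does not depend
    # on the display language of the group names.
    $rules = $acl.GetAccessRules($true, $true,
        [System.Security.Principal.SecurityIdentifier])

    foreach ($rule in $rules) {
        $sid = $rule.IdentityReference.Value
        if ($rule.AccessControlType -eq 'Allow' -and $BroadSids.ContainsKey($sid)) {
            [pscustomobject]@{
                Path      = $Path
                Principal = $BroadSids[$sid]
                Rights    = $rule.FileSystemRights
                AppliesTo = $rule.InheritanceFlags   # None = this folder only
                Inherited = $rule.IsInherited
            }
        }
    }
}

# Paths from the question: the drive root the session could browse to,
# and the folder the account is supposed to be confined to.
'C:\', 'C:\SSHTestBed' |
    ForEach-Object { Get-BroadAccess -Path $_ } |
    Format-Table -AutoSize
```

Any row for `C:\` is access that sshuser holds without being named on the folder's Security tab, which is the indirect permission the reply describes.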