Issue :

How to allow SFTP but disallow shell-level access ?

Solution :

To allow SFTP access but without shell access, you must first enable (jailed) shell via WHM. But then run the following so they do not have command line/shell access:

usermod -s /usr/local/cpanel/bin/noshell username

Of course, replace “username” with the actual account user name.

Then generate a key pair for the account in question:

cd /home/userid/.ssh

(Accept the default names, i.e. id_rsa)
Enter any passphrase and be sure to remember the passphrase used.

After this two files will be created:

***This is the private key.
***This is the public key.

Now entering the following:

cat >> authorized_keys

The id_rsa file is the private key to be used with FileZilla:

Preferences —> SFTP —> add key file.

Then configure FileZilla with SFTP and port – (insert ssh access port here), the user ID but NO password.

Remove both files from the on-line account:

Now SFTP transfers should work.

Contact Us On WhatsApp