Articles in this section

See more

How to give limited SSH access to Plesk domain's system user

Avatar
Alexandr Tumanov
Updated
Follow

Applicable to:

  • Plesk for Linux

Question

How to give limited SSH access to Plesk domain's system user?

Answer

Warning: SSH access allows the domain owner accessing the SSH interface under subscription's user account with non-administrative access. It can be provided only for system domain user. This type of access does not allow the user applying administrative commands and it cannot be used for applying instructions in other Plesk articles. In this case, the home folder for the user will be the same as specified in Plesk > Domains > example.com > Hosting Settings is provided.

 

Video instruction "How to provide SSH access for domain's system user"

Note: If the menus are different, upgrade to the latest Plesk version or contact server's administrator/hosting provider.

 

For a single domain/subscription

  1. Log into Plesk.

  2. Go to Plesk > Domains > example.com > Web Hosting Access.

  3. Set the appropriate user shell at Access to the server over SSH field (check this article to get information about different types of the shells):

    Note: The non-selectable Forbidden value for non-admin users means that the Management of access to the server over SSH permission is set to Not allowed in the subscription and/or service plan settings by the service provider.

    Follow instructions from this article to add such permissions to the subscription.

    Values Forbidden, /sbin/nologin or /usr/sbin/nologin will restrict SSH access to a user, the rest of options will allow SSH access.

  4. Click the OK button to apply changes.

  5. To ensure that the SSH access is provided to the john_doe user do the following:

    • Connect to the server via SSH.

    • Execute the following command:

      # grep john_doe /etc/passwd
      john_doe:x:10001:1003::/var/www/vhosts/example.com:/usr/local/psa/bin/sh

For all subscriptions under the same service plan

To provide SSH access to all Plesk users of subscriptions with the same service plan (only for Service Provider view), do the following:

Note: If the menus are different, upgrade to the latest Plesk version or contact server's administrator/hosting provider.

  1. Set required environment in the Plesk > Service Plans > Default > Hosting Parameters > SSH access to the server shell under the subscription's system user drop-down list:

  2. Go to Permissions tab in Plesk > Service Plans > Default and set Management of access to the server over SSH to Not Allowed in order to propagate new value to all already existing subscriptions:

    If Management of access to the server over SSH is allowed, the change will not be propagated to existing subscriptions - only to newly created ones.

    See Plesk Guide for more details: to preserve the modifications made by customers, Plesk does not sync a plan property if a related permission is granted.

  3. Click the Update & Sync button to apply changes and synchronize subscriptions with the service plan.

  4. To ensure that the SSH access is provided to the john_doe user do the following:

    • Connect to the server via SSH.

    • Execute the following command:

      # grep john_doe /etc/passwd
      john_doe:x:10001:1003::/var/www/vhosts/example.com:/usr/local/psa/bin/sh

Comments

3 comments

Sort by Date Votes
  • Avatar
    Umar Mughal

    Hi, how do i allow permission to user over SFTP to only httpdocs folder not root?

    0
    Permalink
  • Avatar
    Ivan Postnikov

    @Umar Mughal

    Hello!

    Such functionality is not implemented in Plesk.

    SFTP works over SSH and subscription users are able to access all files of subscription.

    New features may be suggested here

    0
    Permalink
  • Avatar
    Umar Mughal

    Alright Thanks!

    0
    Permalink

Please sign in to leave a comment.

Have more questions? Submit a request

Related articles