Show Contents / Index / Search

SFTP Directories Pane

Getting there

Use the SFTP Directories pane to customize user directory access and to configure virtual directory names.

Note: Items on this pane can be configured globally or as part of a subconfiguration.

SFTP accessible directories

 

Allow all

Use Allow all to select or clear the allow box for all listed directories.

Note: This option is not inherited by user or group subconfigurations.

 

Allow

Determines whether a listed directory is accessible to users. This option is selected by default when you create a new list item. Clear to leave an item on the list without providing access to the specified directory.

 

Virtual directory

The directory name that users see and access.

 

Physical directory

The actual directory path on the Reflection for Secure IT server or in the Windows domain.

 

Add

Opens the Accessible Directories Settings dialog box, from which you can add an item to the SFTP accessible directories list.

 

Edit

Opens the Accessible Directories Settings dialog box, from which you can edit the selected item.

 

Remove

Removes the selected item(s) from the SFTP accessible directories list.

User login directory

 

Directory list

User login directory specifies which directory a user sees after connecting to the server using SFTP or SCP2. The list of available directories consists of "<virtual root directory>" and all currently configured and allowed directories.

  • The value <virtual root directory> sets the login directory to be a virtual directory that contains all user-accessible directories.
  • If you have configured a chrooted environment (Virtual directory = /), the user login directory is set automatically and can't be edited.

    For additional information on virtual root and chroot directories, see Virtual Root Directories in Reflection for Secure IT.

Subconfiguration Features

 

Reload inherited settings

Removes subconfiguration-specific values from all settings on this pane. All settings values revert to their current inherited state.

Note: This change is not finalized until you save your configuration using File > Save.

 

non-inherited setting icon (asterisk) (asterisk)

Indicates that the value of a setting is specific to the current subconfiguration. The server always applies the specified value, regardless of any subsequent changes you make to global or inherited settings.

 

Inherit global and group directories

In group subconfigurations, this setting determines whether the group has access to globally configured directories.

In user subconfigurations, this setting determines whether the user has access to group and global directories. Note that the group value of this setting may also affect inheritance.

For details, see Configure Inheritance of SFTP Accessible Directories.

Notes:

  • The directory settings you configure from the SFTP Directories pane affect SFTP and SCP2 connections, but do not affect SCP1 connections. To ensure that users don't access additional files using SCP1, clear Allow SCP1 on the Permissions pane.
  • The directory settings you configure from the SFTP Directories pane do not affect which directories are accessible from a terminal session. To ensure that users cannot access files using a terminal session, clear Allow terminal shell from the Permissions pane.
  • You can disallow all SFTP and SCP2 access by clearing Allow SFTP/SCP2 from the Permissions pane. The Permissions pane setting overrides all SFTP Directories pane settings.

Related Topics

File Transfer Overview

Pattern Strings in Directory Paths

Virtual Root Directories in Reflection for Secure IT

Configure Inheritance of SFTP Accessible Directories

Permissions Pane