Plesk: Enable SFTP access for additional FTP users

  1. How to fix
  2. Troubleshooting

By default, only the main user of a domain can SFTP into it. Plesk does allow adding additional FTP users, but for some reason not for access over encrypted SSH.


How to fix

To allow an additional FTP user to access the site you need to manually define what they can do directly on the server.

  1. Create an additional FTP user in Plesk > Domains > domain.tld > FTP Access.
  2. Set the user’s Home directory to: / (with a subpath the chroot won’t work).
  3. Open an SSH session to your server.
  4. sudo nano /etc/passwd
  5. Find the line that starts with the username you wish to change. It is most likely at the bottom.

The line is formatted like this; note the parts explained below:

username:x:10016:1003::/var/www/vhosts/domain.tld:/bin/false

  • username – the name of the FTP user
  • 10016 – the system user ID (UID)
  • 1003 – the system group ID (GID)
  • /var/www/vhosts/domain.tld – the path assigned to the FTP user, leave it like that
  • /bin/false – the problem, login is blocked

Carefully change it to tell SSH that a chroot (jail) should be started for the user:

username:x:10016:1003::/var/www/vhosts/domain.tld:/usr/local/psa/bin/chrootsh

Save the file (Ctrl+X, then Y and Enter to confirm). Now open the domain’s /etc/passwd file, which is read when the chroot session is started:

nano /var/www/vhosts/domain.tld/etc/passwd

At the bottom add a line like this:

username:x:10016:1003::/:/bin/bash

  • username – the FTP user
  • 10016 – the user ID (UID) from earlier
  • 1003 – the group ID (GID) from earlier
  • / – the home path of the user, relative to the domain path
  • /bin/bash – the normal Bash shell

And done! Login using SFTP should now be working, but remember you need to do this for each new additional FTP user.
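
To catch typos after the manual edits above, the following added example (not part of the original article and not a Plesk tool) compares a user's entry in the system passwd file with the one in the domain's chroot passwd file. The function names check_sftp_user and pw_field and the sample users are assumptions made for this example; the sample files are constructed in a temporary directory.

```shell
#!/bin/sh
# Added example: audit the two passwd entries the article edits by hand.
CHROOTSH=/usr/local/psa/bin/chrootsh   # shell path as given in the article

# pw_field FILE USER N: print field N of USER's entry in a passwd-format file.
pw_field() {
    awk -F: -v u="$2" -v n="$3" '$1 == u { print $n; exit }' "$1"
}

# check_sftp_user SYSTEM_PASSWD VHOST_DIR USER
# Prints one line per problem and returns non-zero if any was found.
check_sftp_user() {
    sys=$1; vhost=$2; user=$3; jail=$vhost/etc/passwd; rc=0
    [ -n "$(pw_field "$sys" "$user" 1)" ] || { echo "$user: no entry in $sys"; return 1; }
    { [ -r "$jail" ] && [ -n "$(pw_field "$jail" "$user" 1)" ]; } ||
        { echo "$user: no entry in $jail"; return 1; }
    [ "$(pw_field "$sys" "$user" 7)" = "$CHROOTSH" ] ||
        { echo "$user: system shell is not $CHROOTSH"; rc=1; }
    [ "$(pw_field "$sys" "$user" 6)" = "$vhost" ] ||
        { echo "$user: system home is not $vhost"; rc=1; }
    [ "$(pw_field "$jail" "$user" 6)" = "/" ] ||
        { echo "$user: home inside the chroot is not /"; rc=1; }
    [ "$(pw_field "$sys" "$user" 3)" = "$(pw_field "$jail" "$user" 3)" ] ||
        { echo "$user: UID differs between the two files"; rc=1; }
    [ "$(pw_field "$sys" "$user" 4)" = "$(pw_field "$jail" "$user" 4)" ] ||
        { echo "$user: GID differs between the two files"; rc=1; }
    [ "$(pw_field "$sys" "$user" 3)" != 0 ] ||
        { echo "$user: UID 0 entry, refuse to enable"; rc=1; }
    return $rc
}

# Constructed sample data (not from a real server): one correct user, one whose
# chroot entry was typed with the wrong UID.
demo() {
    d=$(mktemp -d) && v=$d/vhosts/domain.tld && mkdir -p "$v/etc" || return 2
    printf '%s\n' "good:x:10016:1003::$v:$CHROOTSH" \
                  "typo:x:10017:1003::$v:$CHROOTSH" > "$d/passwd"
    printf '%s\n' 'good:x:10016:1003::/:/bin/bash' \
                  'typo:x:10071:1003::/:/bin/bash' > "$v/etc/passwd"
    check_sftp_user "$d/passwd" "$v" good && echo "good: OK"
    check_sftp_user "$d/passwd" "$v" typo
    rc=$?; rm -rf "$d"; return $rc
}
demo || true
```

On a real server the call would be check_sftp_user /etc/passwd /var/www/vhosts/domain.tld username, run with enough privileges to read both files.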


Troubleshooting

To debug login issues, watch the secure and messages log files while attempting the login. Hit Ctrl+C right after the (failed) login to end the log stream.

tail -Fn 0 /var/log/secure /var/log/messages

Comments

One response to “Plesk: Enable SFTP access for additional FTP users”

  1. Thank you. This was really helpful for me today.
