I am running Ubuntu 22.04.3 with an sFTP server configured through SSHD. I have several user home directories, each with a dropoff and a pickup folder inside of them. While my admin user is able to navigate the server and view the contents of any directory, the admin is unable to add or remove any files from the other users' directories. The aforementioned pickup and dropoff directories are owned by root and the group is marked as 'sftp'. This sftp group contains all of the users that I wish to have accessing my server and picking up/dropping off files. My admin user is not part of the sftp group. When I add the admin to the SFTP group, I am no longer able to access the server as the admin. When the admin is not part of the group, I am able to access the server but am unable to add/remove files from directories belonging to the sftp group.
My sshd.conf is as follows:
    AcceptEnv LANG LC_*
    Subsystem sftp /usr/lib/openssh/sftp-server
    PasswordAuthentication yes
    Match group sftp
        ChrootDirectory /home/%u
        X11Forwarding no
        AllowTcpForwarding no
        ForceCommand internal-sftp
Any guidance will be much appreciated.
Edit 1:
ls -ld pickup shows drwxrwxr-x 2 root sftp 4096 Dec 18 16:22 pickup
Edit 2:
I am using WinSCP and FileZilla to connect to the server. I have a user that is not familiar with terminal usage and needs to send files to and from clients. This admin account can currently view all files on the server but cannot add or remove any files (such as .xlsx). I am not going to give someone with no terminal experience or understanding of what SFTP is total access and control over the server. That would be unintelligent. What I am trying to do is create an account for myself for testing, so that I know what permissions and properties to grant this account before giving it to my user.
As it stands the account can view files in a directory such as /home/client1/dropoff but cannot add or remove files from the dropoff directory. I need the account to be able to navigate through /home/ and into all of the client directories, and sub-directories, and add or remove files at will.
Currently my client users can only access their home directory /client1/ and the corresponding sub-directories. They can add or remove files with no problem as the clients' accounts are members of a 'sftp' group and so are the sub-directories.
I have tried adding this admin account to the sftp group, but when I do that I am no longer able to connect to the server via WinSCP or FileZilla. I have tried changing the Protocol options for the SFTP Environment settings from 'Default' to 'sudo su -c /bin/sftp-server' within WinSCP, but this gives me the error "Cannot initialize SFTP protocol. Is the host running an SFTP server?", which I know it is because when I examine the server and protocol information the File transfer protocol is labeled 'SFTP-3'.
The groups my admin account belongs to are as follows:
sudo adm cdrom dip plugdev lxd ftpadmin
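
Two rules interact when a member of the sftp group logs in under the configuration above: the Match block applies to every member of that group, and sshd requires every component of the ChrootDirectory path to be a root-owned directory that is not writable by group or others. The sketch below is an added example, not part of the original post; the user name `admin`, uid 1000 and the ownership data in `SAMPLE` are constructed assumptions, and the parser handles only a single literal `Match Group` criterion.

```python
import os
import stat
from types import SimpleNamespace

# Configuration as posted above.
SSHD_CONFIG = """\
AcceptEnv LANG LC_*
Subsystem sftp /usr/lib/openssh/sftp-server
PasswordAuthentication yes
Match group sftp
ChrootDirectory /home/%u
X11Forwarding no
AllowTcpForwarding no
ForceCommand internal-sftp
"""

def match_overrides(config, user, groups):
    """Settings from 'Match Group' blocks that apply to a user in `groups`."""
    applied, active = {}, False
    for line in config.splitlines():
        words = line.split()
        if not words or words[0].startswith("#"):
            continue
        if words[0].lower() == "match":
            active = (len(words) >= 3 and words[1].lower() == "group"
                      and any(g in groups for g in words[2].split(",")))
        elif active:  # sshd keeps the first value obtained for a keyword
            applied.setdefault(words[0], " ".join(words[1:]).replace("%u", user))
    return applied

def chroot_problems(path, stat_fn=os.stat):
    """List the path components that break sshd's ChrootDirectory rules."""
    problems, path = [], os.path.abspath(path)
    while True:
        st = stat_fn(path)
        for bad, why in ((not stat.S_ISDIR(st.st_mode), "not a directory"),
                         (st.st_uid != 0, f"owned by uid {st.st_uid}, not root"),
                         (st.st_mode & 0o022, "writable by group or others")):
            if bad:
                problems.append(f"{path}: {why}")
        if path == "/":
            return problems
        path = os.path.dirname(path)

# Constructed ownership data (assumption: /home/admin belongs to admin, uid 1000).
SAMPLE = {p: SimpleNamespace(st_uid=u, st_mode=stat.S_IFDIR | m) for p, u, m in
          [("/", 0, 0o755), ("/home", 0, 0o755),
           ("/home/client1", 0, 0o755), ("/home/admin", 1000, 0o750)]}
sample_stat = SAMPLE.__getitem__
```

On a real server, call `chroot_problems("/home/<user>")` as root without the `stat_fn` argument so it reads the actual ownership and modes.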