How to add another ftp user with write permissions for select sites?

Hey I’m posting on the behalf of my friend who is the account owner. So they have multiple sites hosted on DreamHost and they created an FTP user “ftpuser1” and gave it access to examplesite1.com and examplesite2.com.

I can login via SFTP and see just these 2 sites - awesome! I can view all the files, I can open them, and I can download them, but I can’t upload or edit anything…

What do they have to do to make it so ftpuser1 can have write privileges without making it the owner?

Just to clarify: Are you saying that the sites are hosted under (owned by) one user, say “ftpuser0”, but you want to access them with a second user “ftpuser1”?

If so, one solution may be to ensure that both users are members of the same Unix Group, and set the site files/directories to be group writable. That way both ftpuser0 and ftpuser1 can manipulate the files.

However, wouldn’t it be easier to just use ftpuser0, since it owns the files/directories?

Yes, exactly that!

If so, one solution may be to ensure that both users are members of the same Unix Group, and set the site files/directories to be group writable.

How would you do this?

However, wouldn’t it be easier to just use ftpuser0, since it owns the files/directories?

It likely would be, but they didn’t want to share that account and figured making another one would be possible. Is just giving the info the standard practice when having others work on the site?

How would you do this?

You’d change the group permissions on the site’s files and folders to make them group-writable. DH has an article on permissions and how to change them from the command-line or FTP client: https://help.dreamhost.com/hc/en-us/articles/360029138491

Note that I’ve never worked with a DH website using group permissions, so there maybe unknown issues that make it untenable. DH appears to have a “One User per Domain” policy (see below), but I’m not sure if that is just a simplified view of the default permission setup, or an actual prohibition.

It likely would be [easier to use a single FTP user], but they didn’t want to share that account and figured making another one would be possible. Is just giving the info the standard practice when having others work on the site?

I don’t understand the “don’t want to share that account” part – if they want ftpuser1 to modify ftpuser0’s files, then by definition they are sharing the account, no? Or maybe they just don’t want to share ftpuser0’s password?

In DH “One User per Domain”, they explicitly suggest using a single shared FTP User, like Domain_Admin, for multi-person access. I think this is the standard/practical way to collaborate with others on DH.

However, a better alternative to sharing a password is to use SSH Keys to grant different people access to a user account. This is the method I use to access DH and share access with collaborators. Rather than share a single password, access is controlled by adding/removing each persons public SSH key to the account. See “Passwordless Login” in the SSH overview: https://help.dreamhost.com/hc/en-us/articles/216041267