One Command to Rule Them All: Fixing SFTP Permission Denied on AWS Lightsail Bitnami
AWS Lightsail Filezilla SFTP Permission Denied Bitnami Nginx Stack
You set up your shiny new AWS Lightsail instance. You loaded FileZilla. You connected via SFTP like a proper pilot at the helm. And then... permission denied. The door slammed shut on your own ship.
The Problem Nobody Fully Explained
Here's what happened. You spun up a Bitnami stack on AWS Lightsail... maybe Nginx, maybe another flavor. You grabbed your private key from AWS, loaded it into FileZilla, connected via SFTP, navigated to your files, and tried to upload.
BAM... permission denied.
You did everything right. And the galaxy still said no.
The root cause is painfully simple. When Bitnami builds out your application directories... specifically `/opt/bitnami/apps`... it sets the owner and group to `root`. Not to you. Not to the user you're SSH-ing in as. To `root`.
So when you connect through FileZilla as the `bitnami` user, the server looks at your upload request, checks the Linux file permissions, and shuts the door. You're a guest trying to rearrange furniture in someone else's house.
Step One: Know Who You Are
Before you fix anything, confirm your identity. Open your SSH terminal connected to your Lightsail instance and type:
```bash whoami ```
On AWS Lightsail with a Bitnami stack, this returns `bitnami`. Simple.
But here's why this matters... different AWS services use different default users. EC2 might give you `ec2-user` or `ubuntu`. Lightsail Bitnami gives you `bitnami`. If you skip this step and guess wrong, your chown command fixes nothing. You're swinging a lightsaber in the dark.
Know who you are before you try to change anything. That's not just server advice.
Step Two: See the Problem
Navigate to your apps directory and list the contents with ownership details:
```bash ls -al /opt/bitnami/apps ```
You'll see `root root` next to every folder and file. There it is. The evidence. The reason FileZilla keeps rejecting your uploads like a bouncer at a club you built.
Step Three: One Command to Fix It All
This is the fix. One line. Recursive. Complete.
```bash sudo chown -R bitnami:bitnami /opt/bitnami/apps ```
Let's break it down:
- `sudo` ... you need elevated privileges to change ownership from root. You're borrowing the master key. - `chown` ... the chown command changes file ownership in Linux. - `-R` ... recursive. This applies the change to every subfolder and file inside `/opt/bitnami/apps`. Every. Single. One. - `bitnami:bitnami` ... sets both the owner AND the group to `bitnami`. The first value is the user, the second is the group. - `/opt/bitnami/apps` ... the target directory. Your application files live here.
Run it. Watch the cursor blink for a moment. Done.
Step Four: Verify the Fix
Go back to FileZilla. Try that upload again.
No error. No permission denied. The file lands exactly where you put it. ✨
You just gave yourself the keys to your own ship.
Why This Matters Beyond the Terminal
I've watched people burn hours on this. Searching Stack Overflow threads that solve half the problem. Copying commands meant for EC2 instances that don't apply to Lightsail. Patching individual files instead of fixing the root cause.
The pattern shows up everywhere... not just in servers. We fight symptoms instead of causes. We patch instead of repair. We get permission denied by life and assume we're not supposed to be there.
Sometimes the fix is one command. One decision. One act of taking ownership... literally.
Quick Reference
| Step | Command | Purpose | |------|---------|--------| | 1 | `whoami` | Confirm your SSH username | | 2 | `ls -al /opt/bitnami/apps` | Verify current ownership | | 3 | `sudo chown -R bitnami:bitnami /opt/bitnami/apps` | Transfer ownership recursively | | 4 | Upload via FileZilla | Confirm the fix works |
Four steps. One problem solved. Now go build something worth deploying. 🚀
Permission denied doesn't mean you don't belong. It means the system hasn't been configured to recognize you yet. One command changed everything here... `sudo chown -R bitnami:bitnami /opt/bitnami/apps`. Know who you are. Claim what's yours. Then get back to the work that matters. Quietly working... even on server configs.
--- Source: https://www.youtube.com/watch?v=rZGEoqcy9qY
From TIG's Notebook
Thoughts that surfaced while watching this.
But how many new things have you let become old things without meaningful extraction?— TIG's Notebook — New Captures
It's a problem you think you need to explain yourself. Don't. To anyone.— TIG's Notebook — On Self & Identity
A birth defect, abuse, predatory attacks... these are things that we may have no or little control over them happening to us, however, it's not the "happening" we are fully owning, it's the raw data of what I am that I must fully own and be responsible for.— TIG's Notebook — On Self & Identity
Echoes
Wisdom from across the constellation that resonates with this article.
Failures teach you more than successes do. Because when you succeed, you're not 100% certain why. But when you fail, if you are self-reflective, you're going to absorb the lessons.
Shaping the Future of Graphics Through Ray Tracing in Unreal Engine 5 - In this video you’ll learn how to set up Hardware Ray Tracing in Unreal Engine 5. In just a few steps you can have high quality ray traced shadows and reflections working for your scene. Learn about
Explore AI-powered PKM tools emerging in 2026 for building a second brain