Chroot SFTP? How to limit users only to their home folder and sub folder
Chroot SFTP? How to limit users only to their home folder and sub folder
I'm not sure if it's a part of FTP or not.
I have been given access to SSH Access(bash) to my user and I want to restrain the user's login to their own home folder/sub folder. They can't allow to cd to home or higher.
I tried to use this cmd:
I hope to receive some hints, thank you.
I have been given access to SSH Access(bash) to my user and I want to restrain the user's login to their own home folder/sub folder. They can't allow to cd to home or higher.
I tried to use this cmd:
But it only works if they access like normal FTP with File Zilla, if they tried to use the Bitvise SSH tool, they can freely go to the home directory and higher.chmod o-x /home/*
I hope to receive some hints, thank you.
Re: Chroot SFTP? How to limit users only to their home folder and sub folder
Limiting user to SFTP (blocking SSH), allowing only homedir:
# Comment line:
# so it will be:
On the end of file add:
# then in SSH run
# then in SSH paste
Code: Select all
vi /etc/ssh/sshd_config
Code: Select all
Subsystem sftp /usr/lib/openssh/sftp-server
Code: Select all
# Subsystem sftp /usr/lib/openssh/sftp-server
Code: Select all
####
Subsystem sftp internal-sftp
Match Group sftp-only
ChrootDirectory /chroot/%u
AllowTCPForwarding no
X11Forwarding no
ForceCommand internal-sftp
####Code: Select all
service sshd restart
groupadd sftp-only
Code: Select all
user=example_user # here enter user you want to chroot
home=/home/$user
if [ ! -d "$home" ]; then
mkdir -p /chroot/$user/$home
chmod 750 /chroot/$user
chmod 775 /chroot/$user/$home
chown root:sftp-only /chroot/$user
chown $user:sftp-only /chroot/$user/$home
usermod -a -G sftp-only $user
mount -o bind $home /chroot/$user/$home/
fi
Re: Chroot SFTP? How to limit users only to their home folder and sub folder
Thank you so much for your quick guide with the full details.