sftp + chrooting users
Stefan Miklosovic
miklosovic.freebsd at gmail.com
Sun Aug 9 14:29:45 UTC 2009
hi all,
I am about chrooting ftp users into theirs home
directories. I've following in the end of /etc/ssh/sshd_config
Subsystem sftp internal-sftp
Match group ftp
ChrootDirectory /home
X11Forwarding no
AllowTcpForwarding no
ForceCommand internal-sftp
Now, problem I am facing:
if I connect like user at hostname (user is in ftp group)
and do "ls", it shows all content of /home dir which
is not wanted. I want to chroot user to /home/user.
But, as in manual, if you are going to do that, chrooted dir must be owned
by root and not writable by anyone.
This is impossible to do then.
In sshd_config(5), there is ChrootDirectory keyword, and
there are %u (user name) and %h (home dir) which would work,
but they do not.
Using of ChrootDirectory /home/%u does not work (because of privileges
issue).
it is also an option to chmod 700 for home dirs, but is there some other
way?
More information about the freebsd-questions
mailing list