Date: Sun, 9 Aug 2009 16:29:43 +0200 From: Stefan Miklosovic <miklosovic.freebsd@gmail.com> To: freebsd-questions@freebsd.org Subject: sftp + chrooting users Message-ID: <f99a79ec0908090729x54eaa769mfa4b9008bc0421e6@mail.gmail.com>
next in thread | raw e-mail | index | archive | help
hi all, I am about chrooting ftp users into theirs home directories. I've following in the end of /etc/ssh/sshd_config Subsystem sftp internal-sftp Match group ftp ChrootDirectory /home X11Forwarding no AllowTcpForwarding no ForceCommand internal-sftp Now, problem I am facing: if I connect like user@hostname (user is in ftp group) and do "ls", it shows all content of /home dir which is not wanted. I want to chroot user to /home/user. But, as in manual, if you are going to do that, chrooted dir must be owned by root and not writable by anyone. This is impossible to do then. In sshd_config(5), there is ChrootDirectory keyword, and there are %u (user name) and %h (home dir) which would work, but they do not. Using of ChrootDirectory /home/%u does not work (because of privileges issue). it is also an option to chmod 700 for home dirs, but is there some other way?
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?f99a79ec0908090729x54eaa769mfa4b9008bc0421e6>