Chroot environment setup: Difference between revisions
Jump to navigation
Jump to search
(Created page with " Category:RaspberryPi") |
No edit summary |
||
Line 1: | Line 1: | ||
Setting up a chroot-environment: | |||
Add this to /etc/ssh/sshd_config: | |||
#Subsystem sftp /usr/lib/openssh/sftp-server | |||
Subsystem sftp internal-sftp | |||
# Heiko was here and did https://linode.com/docs/tools-reference/tools/limiting-access-with-sftp-jails-on-debian-and-ubuntu/ | |||
Match Group filetransfer | |||
ChrootDirectory %h | |||
X11Forwarding no | |||
AllowTcpForwarding no | |||
ForceCommand internal-sftp | |||
Restart sshd | |||
service ssh restart | |||
Add a new group | |||
addgroup --system filetransfer | |||
For each chrooted user: | |||
usermod -G filetransfer username | |||
chown root:root /home/username | |||
chmod 755 /home/username | |||
cd /home/username | |||
mkdir docs public_html | |||
chown username:filetransfer * | |||
---- | |||
* Links | |||
** https://linode.com/docs/tools-reference/tools/limiting-access-with-sftp-jails-on-debian-and-ubuntu/ | |||
[[Category:RaspberryPi]] | [[Category:RaspberryPi]] |
Revision as of 23:13, 6 December 2018
Setting up a chroot-environment:
Add this to /etc/ssh/sshd_config:
#Subsystem sftp /usr/lib/openssh/sftp-server Subsystem sftp internal-sftp # Heiko was here and did https://linode.com/docs/tools-reference/tools/limiting-access-with-sftp-jails-on-debian-and-ubuntu/ Match Group filetransfer ChrootDirectory %h X11Forwarding no AllowTcpForwarding no ForceCommand internal-sftp
Restart sshd
service ssh restart
Add a new group
addgroup --system filetransfer
For each chrooted user:
usermod -G filetransfer username chown root:root /home/username chmod 755 /home/username
cd /home/username mkdir docs public_html chown username:filetransfer *