Difference between revisions of "Chroot environment setup"

From Wurst-Wasser.net
Jump to: navigation, search
Line 27: Line 27:
  cd /home/username
  cd /home/username
  mkdir docs public_html
  mkdir tmp
  chown username:filetransfer *
  chown username:filetransfer tmp

Latest revision as of 22:16, 6 December 2018

Setting up a chroot-environment:

Add this to /etc/ssh/sshd_config:

#Subsystem sftp /usr/lib/openssh/sftp-server
Subsystem sftp internal-sftp

# Heiko was here and did https://linode.com/docs/tools-reference/tools/limiting-access-with-sftp-jails-on-debian-and-ubuntu/
Match Group filetransfer
   ChrootDirectory %h
   X11Forwarding no
   AllowTcpForwarding no
   ForceCommand internal-sftp

Restart sshd

service ssh restart

Add a new group

addgroup --system filetransfer

For each chrooted user:

usermod -G filetransfer username
chown root:root /home/username
chmod 755 /home/username
cd /home/username
mkdir tmp
chown username:filetransfer tmp