Chroot environment setup

From Wurst-Wasser.net
Revision as of 09:06, 6 September 2023 by Heiko (talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

Setting up a chroot-environment:

Add this to /etc/ssh/sshd_config: 

#Subsystem sftp /usr/lib/openssh/sftp-server
Subsystem sftp internal-sftp

# Heiko was here and did https://linode.com/docs/tools-reference/tools/limiting-access-with-sftp-jails-on-debian-and-ubuntu/
Match Group filetransfer
   ChrootDirectory %h
   X11Forwarding no
   AllowTcpForwarding no
   ForceCommand internal-sftp


Restart sshd 

service ssh restart

or 

systemctl restart sshd.service

Add a new group 

addgroup --system filetransfer

For each chrooted user: 

usermod -G filetransfer username
chown root:root /home/username
chmod 755 /home/username

cd /home/username
mkdir tmp
chown username:filetransfer tmp



Retrieved from "https://www.wurst-wasser.net//wiki/index.php?title=Chroot_environment_setup&oldid=7346"