Linux – Set Users as chrooted for sftp, but allow user to login in SSH


I have set up an SSH server on Debian 7 to use SFTP connections.

I chrooted some users with this config:

Match Group sftpusers
    ChrootDirectory /sftp/%u
    ForceCommand internal-sftp

But if I want to log in with one of these chrooted users in an SSH console, they get logged in, but the connection closes automatically. In the logs I see:

 Oct 17 13:39:32 xxxxxx sshd[31100]: Accepted password for yyyyyy from   zzz.zzz.zzz.zzz port 7855 ssh2
 Oct 17 13:39:32 xxxxxx[31100]: pam_unix(sshd:session): session opened for user yyyyyyyyyyyy by (uid=0)
 Oct 17 13:39:32 d00hyr-ea1 sshd[31100]: pam_unix(sshd:session): session closed for user yyyyyyyyyyyy

How can I chroot a user only for sftp, and use it as a normal user for ssh?

Best Answer

From your comment, it appears you want to run scripts as the other user, while restricting that user only to SFTP. To do this, leave your SFTP setup as is. Log in as yourself and do:

sudo -u webuser /usr/bin/somescript.sh

This will run the script "/usr/bin/somescript.sh" as the user "webuser".
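
Added example, not part of the original question or answer: a simplified Python model of how sshd applies the question's `Match` block. It shows that `ForceCommand internal-sftp` covers every session of a group member, a shell request included, while an account outside the group is unaffected. The membership of `webuser` in `sftpusers`, the `admin` account and the global `Subsystem` line are assumptions; only `User` and `Group` criteria are modelled.

```python
import fnmatch

# Constructed sample: a minimal global section followed by the question's Match block.
SSHD_CONFIG = """\
Subsystem sftp internal-sftp

Match Group sftpusers
    ChrootDirectory /sftp/%u
    ForceCommand internal-sftp
"""

def pattern_list_matches(pattern_list, values):
    """Comma-separated glob patterns; a matching '!pattern' vetoes the whole list."""
    hit = False
    for pat in pattern_list.split(","):
        if any(fnmatch.fnmatchcase(v, pat.lstrip("!")) for v in values):
            if pat.startswith("!"):
                return False
            hit = True
    return hit

def criteria_match(criteria, user, groups):
    """Simplified: User and Group criteria only; anything else counts as no match."""
    ok, words = True, criteria.split()
    for name, pats in zip(words[0::2], words[1::2]):
        values = {"user": [user], "group": groups}.get(name.lower())
        ok = ok and values is not None and pattern_list_matches(pats, values)
    return ok

def effective_settings(config_text, user, groups):
    """Per keyword the first value wins; matching Match blocks override globals."""
    global_kw, match_kw = {}, {}
    target = global_kw  # None while inside a Match block that does not apply
    for raw in config_text.splitlines():
        parts = raw.strip().split(None, 1)
        if not parts or parts[0].startswith("#"):
            continue
        keyword, arg = parts[0].lower(), parts[1] if len(parts) > 1 else ""
        if keyword == "match":
            target = match_kw if criteria_match(arg, user, groups) else None
        elif target is not None:
            target.setdefault(keyword, arg)
    return {**global_kw, **match_kw}

def shell_allowed(config_text, user, groups):
    """A forced command replaces whatever the client asks for, a shell included."""
    return effective_settings(config_text, user, groups).get("forcecommand", "none") == "none"

if __name__ == "__main__":
    print({u: shell_allowed(SSHD_CONFIG, u, g) for u, g in [("webuser", ["sftpusers"]), ("admin", ["sudo"])]})
```

On a live server, `sshd -T -C user=NAME,host=HOST,addr=ADDR` prints the settings sshd itself would apply to that connection.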