I'm trying to allow a user "user" to access my server by either sftp or ssh. I want to jail them into a directory with chroot. I read the instructions here however it does not work.
I did the following:
- useradd user
-
modify /etc/ssh/sshd_config and added
Match User user
ForceCommand internal-sftp
ChrootDirectory /home/duke/aa/smart
to the bottom of the file -
changed the subsystem line to
Subsystem sftp internal-sftp
-
restarted sshd with
/etc/init.d/ssh restart
-
logged in with ssh as user "user" with PuTTY
Putty says "Server unexpectly closed the connection".
Why is this and how can it be fixed?
EDIT
Following the suggestions below, I've made the bottom of sshd_config look like:
Match User user
ChrootDirectory /tmp
yet no change. I do get a password OK but I cannot connect via ssh nor sftp. What gives?
Best Answer
The directory that you set as your chroot must be owned by root and have 755 permissions.
This is what I use for my setup
in /home
in /home/sftpuser
This chroot's them to the /home/sftpuser directory, but since they have no permission to write into it I create the second sftpuser directory for them to write to.