Re: OpenSSH ChrootDirectory oddities

Tue, 30 Sep 2008 11:38:35 -0700 

Dnia wtorek, 30 wrzeEnia 2008, Marian Hettwer napisaE:
> What I wanted to achieve is pretty much the following: Have some
> users, all in the same group named sftp and if the log in via sftp
> they get chroot'ed to their home directory.
> However, I wind up after a login in /home not /home/$username

>From the manpage:
     Specifies a path to chroot(2) to after authentication.  This
     path, and all its components, must be root-owned directories that
     are not writable by any other user or group.

So if you wan't to chroot user sftp1 in /home/sftp1 use:
     ChrootDirectory /home/%u

Still, /home/sftp1 MUST be root owned, thus user sftp1 won't be allowed
to write there anything.  You can create a directory under /home/sftp1
(like upload) owned by sftp1, where the chrooted user will be able to
write, delete and do whatever else he wishes.
--
Cezary Morga
"A fellow who is always declaring he's no fool usually has his
suspicions." (Wilson Mizner)

Reply via email to