Re: SFTP chroot and FileZilla question
On Wed, Sep 17, 2014 at 10:33:16AM -0400, David Parker wrote: Hi, > However, if I connect using FileZilla, I see that I am in /home and I can > freely navigate the rest of the filesystem. What's up with that? I would > really like for this user account to be jailed regardless of the client, > and it seems to me like it should be, since this is a server-side > configuration. I usually start up a sshd in debug mode on a different port with otherwise the same configuration. That usually gives you a hint why the matching does not work. Sven -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20140921170939.ga7...@timegate.de
SFTP chroot and FileZilla question
Hello, I have set up a Debian Wheezy box as a simple SFTP server. I have created an SFTP-only user account and configured SSH to jail the account to its home directory with the following in sshd_config: Subsystem sftp internal-sftp Match group radius ChrootDirectory /home X11Forwarding no AllowTcpForwarding no ForceCommand internal-sftp Where "radius" is the primary group for the SFTP user account. All of this works fine when I connect using OpenSSH from another Linux box. I land in the /home directory, but running "pwd" in the SFTP session shows that the working directory is "/" and then I cannot navigate any further up the filesystem tree. That's exactly what I would expect However, if I connect using FileZilla, I see that I am in /home and I can freely navigate the rest of the filesystem. What's up with that? I would really like for this user account to be jailed regardless of the client, and it seems to me like it should be, since this is a server-side configuration. Any help or insight would be greatly appreciated. Thanks! -- Dave Parker Systems Administrator Utica College Integrated Information Technology Services (315) 792-3229 Registered Linux User #408177