Differences between version 2 and previous revision of KnowledgeBase/OpenSshChroot.
Newer page: version 2, last edited on Saturday, 8 May 2010 5:25:59 by CyberLeo
Older page: version 1, last edited on Sunday, 14 March 2010 3:45:38 by CyberLeo
@@ -16,9 +16,9 @@
# Dead important this bit:
<verbatim>
mkdir -p /home/chroot/<user>/home/<user>/.ssh
chown -R root /home/chroot/<user>
-chown -R <user> /home/chroot/<user>
+chown -R <user> /home/chroot/<user>/home
/<user>
chmod -R 755 /home/chroot/<user> /home/chroot/<user>/home/<user>
ln -s /home/chroot/<user>/home/<user> /home/.
</verbatim>
# Put their ssh keys in /home/chroot/<user>/home/<user>/.ssh
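Review bot: the `chmod -R 755` context line that follows the corrected `chown` is recursive over `home/<user>`, so re-running this block once keys have been placed in `.ssh` marks them executable and world-readable; setting 755 on the directories without `-R`, with a tighter mode on `.ssh`, would avoid that. The narrowed `chown -R <user> /home/chroot/<user>/home/<user>` is what sshd's ChrootDirectory needs, since every component of the chroot path has to stay root-owned and not writable by group or others. It sets only the owner, though, so the group on `home/<user>` stays whatever `mkdir` gave it; `<user>:<group>` would make that explicit.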
version 2
- Make sure the OpenSSH version is 5 or above (some 4.x versions do work, but 5 is better)
- Add these lines to sshd config
<verbatim>
Match Group sftponly
    ChrootDirectory /home/chroot/%u
    X11Forwarding no
    AllowTcpForwarding no
    ForceCommand internal-sftp
</verbatim>
- Make sure the Subsystem line is this
<verbatim>
Subsystem sftp internal-sftp
</verbatim>
- Create the sftponly group on the system
- Put the relevant users in this group. Be careful, as you will stop them being able to ssh in
- Dead important this bit:
<verbatim>
mkdir -p /home/chroot/<user>/home/<user>/.ssh
chown -R root /home/chroot/<user>
chown -R <user> /home/chroot/<user>/home/<user>
chmod -R 755 /home/chroot/<user> /home/chroot/<user>/home/<user>
ln -s /home/chroot/<user>/home/<user> /home/.
</verbatim>
- Put their ssh keys in /home/chroot/<user>/home/<user>/.ssh
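
The following check is an added example, not part of the original page: a POSIX shell script that verifies the layout built by the steps above against sshd's ChrootDirectory rule (every component of the chroot path root-owned and not group- or world-writable). The function names `dir_ok`, `check_chroot_path` and `check_sftp_user` are hypothetical.

```shell
#!/bin/sh
# Added example; function names are hypothetical, paths follow the page.

# dir_ok DIR UID: succeed if DIR is a directory owned by numeric UID
# and has no group or other write bit set.
dir_ok() {
    d=$1 want=$2
    [ -d "$d" ] || return 1
    # ls -ldn prints "mode links uid gid ..."; split it into $1..$n
    set -- $(ls -ldn -- "$d")
    [ "$3" = "$want" ] || return 1
    case $1 in
        ?????w*|????????w*) return 1 ;;   # g+w or o+w present
    esac
    return 0
}

# check_chroot_path PATH: apply the ChrootDirectory rule to PATH and to
# every parent directory up to /.
check_chroot_path() {
    p=$1
    case $p in /*) ;; *) echo "not absolute: $p" >&2; return 2 ;; esac
    while :; do
        dir_ok "$p" 0 || { echo "unsafe chroot component: $p" >&2; return 1; }
        [ "$p" = / ] && return 0
        p=$(dirname "$p")
    done
}

# check_sftp_user USER: verify the whole layout for one account.
check_sftp_user() {
    u=$1
    uid=$(id -u "$u") || return 2
    check_chroot_path "/home/chroot/$u" || return 1
    # The inner home belongs to the user, not to root.
    dir_ok "/home/chroot/$u/home/$u" "$uid" || {
        echo "inner home not owned by $u, or group/world writable" >&2; return 1; }
    # The /home/<user> symlink must resolve to the inner home.
    [ "$(cd "/home/$u" 2>/dev/null && pwd -P)" = \
      "$(cd "/home/chroot/$u/home/$u" && pwd -P)" ] || {
        echo "/home/$u does not resolve to the chroot home" >&2; return 1; }
}
```

Source the file as root and call `check_sftp_user <user>` after creating each account; a non-zero return names the first component that sshd would reject.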