ChrootDirectory in SFTP Couldn't get handle: Permission denied

Posted on 2010-01-06
Last Modified: 2013-12-16
I have compiled and installed Openssh 5.3 on my centos 5.3 server following these instructions:

However I CAN NOT seem to get ChrootDirectory to work properly

I have changed so many things at this point I don't even know where I am at this point...

I followed the directions I found here:

I can connect via SFTP but once connected I can't do anything:

computer:~ user$ sftp test2@
Connecting to
tetest2@'s password:
sftp> ls
Couldn't get handle: Permission denied
sftp> cd download
Couldn't canonicalise: Permission denied
sftp> put test.txt
Uploading test.txt to /test.txt
Couldn't get handle: Permission denied

Here are my users settings:
[root@sftp ~]# more /etc/passwd |grep test2
[root@sftp ~]# more /etc/group |grep test2

Here are my settings in /etc/ssh/sshd_config:
# override default of no subsystems
#Subsystem      sftp    /usr/libexec/openssh/sftp-server -f LOCAL1 -l INFO
Subsystem       sftp    internal-sftp

Match group sftponly
ChrootDirectory /chroot/disk2/%u
        X11Forwarding no
        AllowTcpForwarding no
        ForceCommand internal-sftp

Here are the permissions of the folder
drwx------   3 root root  4096 Jan  6 04:14 chroot
drwx------  5 root root 4096 Jan  6 11:08 disk2
drwx------ 3 root root 4096 Jan  6 11:11 test2

Now I have found that people saying it is a permission issues so I give test2 ownership of the /chroot/disk2/test2 directory and then when I try to connect it just kicks me out:
Connecting to
test2@'s password:
Connection to closed by remote host.
Connection closed

Question by:brittonv
    LVL 19

    Expert Comment

    check the logs in /var/log

    Can you copy files using scp?  scp localfilename user@remotehost:/path/to/somewhere

    You could have selinux stoping you? `getenforce` if it's set to `1` try `setenforce 0` then give it another go.
    LVL 8

    Accepted Solution

    Changing the permissions for the parent folders to 701 was the fix.

    Featured Post

    How your wiki can always stay up-to-date

    Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
    - Increase transparency
    - Onboard new hires faster
    - Access from mobile/offline

    Join & Write a Comment

    If you use Debian 6 Squeeze and you are tired of looking at the childish graphical GDM login screen that is used by default, here's an easy way to change it. If you've already tried to change it you've probably discovered that none of the old met…
    The purpose of this article is to demonstrate how we can upgrade Python from version 2.7.6 to Python 2.7.10 on the Linux Mint operating system. I am using an Oracle Virtual Box where I have installed Linux Mint operating system version 17.2. Once yo…
    Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
    Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…

    728 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    16 Experts available now in Live!

    Get 1:1 Help Now