Hide Home Directories in CHROOT Jail
Posted on 2012-12-31
I have a CHROOT jail for SFTP users that's working well but there's one thing that bugs me and I'd like to try to fix it if I could.
I have the following in my /etc/ssh/sshd_config file:
Subsystem sftp internal-sftp
Match group sftponly
When I want to add an sftponly user I perform the following steps:
# useradd username
# passwd username
# usermod -g sftponly username
# mkdir /home/username
# chown username /home/username
# chmod 700 /home/username
This allows sftp only access to the user and they only have permissions to read and write in their own directory but, they can see a list of all of the other users directories in /home.
I would prefer it if when an sftponly user logs in via SFTP, only their home directory is visible or, something runs when they login via an SFTP client that automatically changes their directory and dumps them in their home folder.
I'm open to other ideas but the end result would be that the user doesn't see the other user's folders.
Thanks for any help! Happy New Year!