killdurst
asked on
How to restrict a Linux user to his home directory only when he SFTP in?
The following is at the end of my "/etc/ssh/sshd_config"...
Subsystem sftp internal-sftp
Match Group sftponly
ChrootDirectory %h
ForceCommand internal-sftp
AllowTcpForwarding no
I have a group called sftponly with gid 562. I've added userabc to this group and the following is his entry in /etc/passwd...
userabc:x:527:562:User description goes here:/home/userabc:/bin/false
I've restarted sshd.
"/home" and "/home/userabc" are owned by root:root and the permissions for both folders are 755.
Below is the output when I try to SFTP in to the server using userabc...
Status: Connecting to xxx.xxx.xxx.xxx...
Response: fzSftp started
Command: open "userabc@xxx.xxx.xxx.xxx" 22
Command: Pass: ********
Status: Connected to xxx.xxx.xxx.xxx
Status: Retrieving directory listing...
Command: pwd
Response: Current directory is: "/"
Command: ls
Status: Listing directory /
Error: Unable to open .: permission denied
May I know what I am missing here? Thanks!
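Added example, not part of the original post: a small audit script for the setup described in the question. sshd_config(5) requires every component of the ChrootDirectory path to be root-owned and not writable by group or other, and the chrooted user still needs read and execute permission on the new root to list it. The function names are hypothetical, GNU stat is assumed, and the uid/gid/mode values shown in the comments are the ones stated in the question.

```shell
#!/bin/sh
# Added example (not from the original post). Assumes GNU stat (Linux).

# component_ok UID MODE: true when a path component is root-owned and has
# no write bit for group or other, as sshd requires for ChrootDirectory.
component_ok() {
    [ "$1" -eq 0 ] || return 1
    [ $(( 0$2 & 022 )) -eq 0 ]
}

# audit_chroot ABS_PATH: check the directory and each parent up to "/".
# Returns 0 if all components pass, 1 if any fails, 2 on usage/stat errors.
audit_chroot() {
    p=$1; rc=0
    case $p in /*) ;; *) echo "need an absolute path" >&2; return 2 ;; esac
    while :; do
        meta=$(stat -c '%u %a' "$p") || return 2
        if component_ok "${meta% *}" "${meta#* }"; then
            echo "ok    $p"
        else
            echo "FAIL  $p (uid=${meta% *} mode=${meta#* })"; rc=1
        fi
        if [ "$p" = / ]; then break; fi
        p=$(dirname "$p")
    done
    return $rc
}

# can_list USER_UID "USER_GIDS" DIR_UID DIR_GID DIR_MODE
# True when the permission class that applies to the user grants r and x,
# which is what "ls" on the chroot root needs.
# Question's values: can_list 527 "562" 0 0 755
can_list() {
    perms=$(( 0$5 & 07 ))                                    # other
    for g in $2; do
        if [ "$g" -eq "$4" ]; then perms=$(( (0$5 >> 3) & 07 )); fi   # group
    done
    if [ "$1" -eq "$3" ]; then perms=$(( (0$5 >> 6) & 07 )); fi       # owner
    [ $(( perms & 05 )) -eq 05 ]
}

# Usage on a real host: sh audit.sh /home/userabc
if [ "$#" -gt 0 ]; then audit_chroot "$1"; fi
```

Comparing the script's output with `ls -ld` on the server confirms whether the on-disk ownership and modes match what the configuration expects.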