Chroot Jail - Make user to stay only in one directory
| This forum is proudly powered by Scientific Linux 6 | SL website Download SL Help Search Members |
| Welcome Guest ( Log In | Register ) | Resend Validation Email |
   |
Chroot Jail - Make user to stay only in one directory| pineapple |
Posted: Jan 26 2012, 11:40 AM
|
|
|
SLF Junior  Group: Members Posts: 38 Member No.: 354 Joined: 28-June 11  |
Hello,
I'm trying to setup Chroot Jail environment so users would only be allowed to browse their directory, but not move up and browse others .. So far I tried couple of options, somehow all fail to do the trick .. User:john and Group:john are being made. in /etc/ssh/sshd_config added .. Match User john ChrootDirectory /var/www/html/my_domain_name/user's_directory (user's directory being owned by john:john) Restarted SSHD .. when trying to connect with username, password, server name, port (sftps/ssh) in FileZilla it fails, however if I remove entry from /etc/ssh/sshd_config it works and redirects to /home/john .. there's an issue with Chroot Jail which I need to solve .. |
|
|
||
| pineapple |
 Posted: Jan 26 2012, 02:57 PM
|
|||
|
SLF Junior Group: Members Posts: 38 Member No.: 354 Joined: 28-June 11 |
It works .. I have added 3 more lines to /etc/ssh/sshd_config .. X11Forwarding no AllowTcpForwarding no ForceCommand internal-sftp |
|||
|
|
||||
| helikaon |
Posted: Jan 28 2012, 04:03 PM
|
|
 SLF Moderator Group: Moderators Posts: 516 Member No.: 4 Joined: 8-April 11 |
Hi Pineapple,
good you got it working, just if i might ask - this is working (IMHO) only for the SFTP connections, right? Because if you want to chroot jail ssh connections too, you need to setup complete 'fake' environment including all needed OS folders like /etc /bin /sbin ..... cheers, -------------------- |
|
|
||
 |
|