SFTP, Chroot problems on Redhat
Posted
by
Curtis_w
on Server Fault
See other posts from Server Fault
or by Curtis_w
Published on 2012-11-06T20:35:38Z
Indexed on
2012/11/06
23:04 UTC
Read the original article
Hit count: 295
I'm having problems setting up sftp with a ChrootDirectory. I've done an equivalent setup on other distros, but for some reason I cannot get it to work on a Redhat AMI.
The changes to my sshd_config file are:
Subsystem sftp internal-sftp
Match Group ftponly
PasswordAuthentication yes
X11Forwarding no
ChrootDirectory %h
ForceCommand internal-sftp
AllowTcpForwarding no
I have the concerned usere's homes at /home/user, owned by root. After connecting with a user in the ftponly group, I'm dropped into / without permissions for anything, and am unable to do anything.
sftp bob@localhost
Connecting to localhost...
bob@localhost's password:
sftp> pwd
Remote working directory: /
I can connect normally with users not in the ftponly group.
openssh version 5.3
I've experimented with different permissions, as well as having users own their own home directory (gives a Write failed: Broken pipe error), and so far, nothing has seemed to work.
I'm sure it's a permissions error, or something equally as trivial, but at this point my eyes are beginning to glaze over, and any help would be greatly appreciated.
EDIT:
James and Madhatter, thanks for clarifying. I was confused by chroot dropping me in /... just didn't think through it properly. I've added the appropriate directories and permissions to get read access. One other key part was enabling write access to chrooted homes:
setsebool -P ssh_chroot_rw_homedirs on
in order to get write access. I think I'm all set now. Thanks for the help.
© Server Fault or respective owner