LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 05-29-2014, 09:48 PM   #1
radie_storm
LQ Newbie
 
Registered: May 2014
Posts: 5

Rep: Reputation: Disabled
Chrooted SFTP permissions problem


Hi there

I am trying to set up backups for different users. In sshd_config I want to enter

Match User user1
ChrootDirectory /home/user1
AllowTCPForwarding no
X11Forwarding no
ForceCommand internal-sftp

however the permissions on the user1 folder need to be changed somehow. If I enter

Match User user1
ChrootDirectory /home/
AllowTCPForwarding no
X11Forwarding no
ForceCommand internal-sftp

then it works, but the user can see who else is in the home directory, which I don't want.

How would I go about changing the permissions for the user1 home directory so that this would work in the top example?
 
Old 05-30-2014, 03:48 AM   #2
eklavya
Member
 
Registered: Mar 2013
Posts: 619

Rep: Reputation: 136Reputation: 136
Change the subsystem location on /etc/ssh/sshd_config
Quote:
#Subsystem sftp /usr/lib/openssh/sftp-server
Subsystem sftp internal-sftp
Now force root to be owner of it
Quote:
sudo chown root:root /home/user1
sudo chmod 755 /home/user1
and rest you know
Quote:
Match User user1
ChrootDirectory /home/user1
ForceCommand internal-sftp
AllowTCPForwarding no
X11Forwarding no
Restart sshd and try again.
 
1 members found this post helpful.
Old 05-30-2014, 08:33 PM   #3
radie_storm
LQ Newbie
 
Registered: May 2014
Posts: 5

Original Poster
Rep: Reputation: Disabled
eklavya you are amazing. when I first did it I was unable to copy to that folder so I changed the permissions to 777. Its working well now, I can sftp to the home directory and the user can't ssh into the vm, or see any of the parent directories!
 
Old 05-30-2014, 11:44 PM   #4
radie_storm
LQ Newbie
 
Registered: May 2014
Posts: 5

Original Poster
Rep: Reputation: Disabled
Ok I am having another problem with this, if I use

Quote:
sudo chmod 755 /home/user1
then the user will be able to connect but not write, and if I use
Quote:
sudo chmod 777 /home/user1
then I am able to write but not connect. I tested this by setting it to 755, connecting, and then changing to 777 to write. If I disconnect after changing to 777 then I am unable to connect again.
 
Old 06-03-2014, 05:21 AM   #5
eklavya
Member
 
Registered: Mar 2013
Posts: 619

Rep: Reputation: 136Reputation: 136
Read this once (last post by onggie). It is for ubuntu but concept is same.
http://askubuntu.com/questions/28089...p-denies-login
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
[SOLVED] sftp chrooted permission issue hamzar.pm Linux - Newbie 1 09-01-2012 06:41 AM
LXer: Restricting Users To SFTP Plus Setting Up Chrooted SSH/SFTP (Debian Squeeze) LXer Syndicated Linux News 0 09-06-2011 08:10 AM
SFTP server chrooted humbletech99 Linux - Security 2 04-02-2007 02:24 PM
chrooted SFTP + FTP server TotalDefiance Linux - Server 4 12-08-2006 09:37 AM
Problem with Scponly and chrooted SFTP kicko Mandriva 2 07-14-2006 02:10 PM


All times are GMT -5. The time now is 02:14 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration