I'm defeated: Can't get SCP to work in chroot jail (but sftp and ssh work fine) - I've spent HOURS on this and I love the feeling when I figure something out... on the contrary I am pissed off right now on why this won't work! As the title suggests, my choot jail works fine for SSH and SFTP... but not SCP.

I've done scp -vvv (ssh -vvv), debugged sshd, run straces.. NOTHING! Only thing SCP says every time is "lost connection" on the client side - right after I login.. I get "lost connection" and am disconnected. WTF.. this is stupid....(again, debug output and strace say nothing useful).. so I'm stuck. Defeated.

I'm rarely defeated by Linux, only because the community is so strong, I hope to maintain that so PLEASE if anyone has anything, I'd love to hear it.

--ponga

In Debian theres is a package available called "scponly", which is a shell.

If my memory is correct it forces the account into a chroot and you can do sftp and scp -- only

I remember doing this manually before having found that package and I had to create some devices manually in the chroot. This was to ensure basic system functionality. Plus I had to copy a bunch of stuff into the chroot, it was pretty messy.

Another solution is to restrict an ssh public key to specific commands for the account in question.

What OS / version? Are you using OpenSSH's native ChrootDirectory (enumerated here), or some other method?

If you're using the former approach, one of the first steps to troubleshooting is to review the server-side sshd(8) logging. On Debian-based systems, you normally want to check /var/log/auth.log. On RH-based systems, you normally check /var/log/secure.

What do they tell you about the failed attempts?