Chroot SSH and SFTP?

2 posts / 0 new
Topic locked
Last post
#1 Fri, 11/10/2017 - 07:31
Baterka

Chroot SSH and SFTP?

Hi, I searched everywhere and still don't know how to chroot users in their homes for SSH and SFTP. I really don't like, when my friend who have web hosting on my server can copy all setups what I do in /etc etc...

Is there any functional manual how to setup chroot in newest Virtualmin?

Tue, 11/14/2017 - 10:19
everisk

I do it in command line on my Centos 7 and here is my notes. FYI, I'm no pro.

To jail sftp user

    --> add user to group sftponly (you need to check group name from sshd_config)
    --> sudo groupadd sftponly
    --> sudo useradd sftp_tst1 -s /bin/false
    --> sudo passwd sftp_tst1
    --> sudo usermod -G sftponly sftp_tst1
    - this will create new directory in home/username
    - we need to make owner of home/username to root and folder permission to 0755 otherwise we cannot upload file
    --> sudo chown -R root:root /home/sftp_tst1
    --> sudo chmod 0755 /home/sftp_tst1
    then we need to create dev folder for logging
    --> mkdir /home/sftp_tst1/dev
    then we need to create folder inside that and make owner to be the new user
    --> mkdir /home/sftp_tst1/incoming
    --> sudo chown sftp_tst1:sftponly /home/sftp_tst1/incoming
Topic locked