Difference between revisions of "Sftp chroot configuration"

From wikieduonline
Line 1: Line 1:
 +
 +
== Configuration ==
 
* Read https://askubuntu.com/a/206376  
 
* Read https://askubuntu.com/a/206376  
  
Line 39: Line 41:
  
  
 +
== Creating new user ==
 +
[[useradd -m]] USERNAME
  
 
== Logs ==
 
== Logs ==
 
 
[[scp]] error
 
[[scp]] error
 
   protocol error: mtime.sec not present
 
   protocol error: mtime.sec not present
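Review bot: the added `useradd -m USERNAME` line under "Creating new user" leaves the new home directory owned by USERNAME, while the Match block on this page sets `ChrootDirectory %h`. sshd only accepts a chroot directory whose path components are all root-owned and not writable by group or others, so a user created with this command alone will not be able to log in to the chroot. Suggest following the useradd line with the ownership change for the home directory (plus a user-writable subdirectory for uploads), or at least a pointer to step 3 of the Configuration section.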

Revision as of 07:29, 9 June 2020

Configuration

/etc/ssh/sshd_config


1) Comment out the external sftp-server subsystem and use the in-process internal-sftp instead:

#Subsystem sftp /usr/lib/openssh/sftp-server
Subsystem sftp internal-sftp


2) Add a Match block for the user at the end of the file (sshd can die respawning if the block is placed right after the Subsystem line). A Match block extends to the next Match line or the end of the file:

Match User john
   ChrootDirectory %h
   ForceCommand internal-sftp
   AllowTCPForwarding no
   X11Forwarding no

Tokens that can be used in ChrootDirectory:

  • %u (User)
  • %h (home directory)


Multiple users:

 Match User USER1,USER2


With two Match criteria (both must be satisfied):

Match User john LocalPort 2222 
   ChrootDirectory %h
   ForceCommand internal-sftp
   AllowTCPForwarding no
   X11Forwarding no

3) Review the ownership and permissions of the ChrootDirectory directory
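
sshd refuses the chroot unless ChrootDirectory and every directory above it is owned by root and not writable by group or others. The script below is an added example, not part of the original page: it walks the path up to / and reports each component that breaks that rule. The function names are hypothetical and GNU coreutils stat is assumed.

```shell
#!/bin/sh
# Added example: audit a ChrootDirectory path against sshd's ownership rule.
# Assumptions: GNU coreutils stat (-c); function names are hypothetical.

# component_ok UID MODE
# Returns 0 when the owner is root (uid 0) and the octal MODE has no
# group or other write bit set (mask 022).
component_ok() {
    [ "$1" -eq 0 ] && [ $((0$2 & 022)) -eq 0 ]
}

# chroot_path_ok DIR
# Returns 0 when DIR and every parent directory up to / pass component_ok,
# 1 when at least one component fails, 2 when DIR is not a directory.
chroot_path_ok() {
    dir=$1
    [ -d "$dir" ] || { echo "not a directory: $dir" >&2; return 2; }
    # Resolve symlinks so the real path components are checked.
    dir=$(cd "$dir" && pwd -P) || return 2
    rc=0
    while :; do
        # stat prints "<owner uid> <octal mode>", e.g. "0 755".
        set -- $(stat -c '%u %a' "$dir")
        if ! component_ok "$1" "$2"; then
            echo "FAIL $dir (uid=$1 mode=$2)" >&2
            rc=1
        fi
        [ "$dir" = / ] && break
        dir=$(dirname "$dir")
    done
    return $rc
}

# Stand-alone use: sh script.sh /home/john
if [ $# -gt 0 ]; then
    chroot_path_ok "$1"
fi
```

A home directory created with useradd -m fails this check until it is handed over to root, for example with chown root:root and chmod 755 on the directory, plus a subdirectory owned by the user for uploads.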


Creating new user

useradd -m USERNAME

Logs

scp error

 protocol error: mtime.sec not present

sshd -T

'Match LocalPort' in configuration but 'lport' not in connection test specification.

