ChrootDirectory doesn't work unless there is a child folder present

Ask Ubuntu Asked by Toodarday on January 30, 2021

I am attempting to allow only SFTP connections to a specific folder.

/etc/ssh/sshd_config

PermitRootLogin yes
PasswordAuthentication yes
ChallengeResponseAuthentication no
UsePAM yes
PrintMotd no
AcceptEnv LANG LC_*
Subsystem       sftp    /usr/lib/openssh/sftp-server
Match Group demouser
  # Force the connection to use SFTP and chroot to the required directory.
  ForceCommand internal-sftp
  ChrootDirectory /home/demouser/ftp/
  # Disable tunneling, authentication agent, TCP and X11 forwarding.
  PermitTunnel no
  AllowAgentForwarding no
  AllowTcpForwarding no
  X11Forwarding no

I then run the following commands to create the account/folder:

groupadd demouser
useradd -g demouser -s /sbin/nologin demouser
chown root:root /home/demouser
chmod 755 /home/demouser/
cd /home/demouser/
mkdir ftp
chown demouser:demouser ftp

The issue I am facing is that I am unable to connect when the ChrootDirectory is set to /home/demouser/ftp/, but it works fine when I set it to /home/demouser. It doesn't seem to work unless there is a child folder already made in the designated ChrootDirectory.
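
sshd_config(5) documents that at session startup sshd checks that every component of the ChrootDirectory pathname is a root-owned directory that is not writable by any other user or group. The script below is an added example, not part of the original post, that audits a path against that rule; the sample records are constructed from the commands in the question, and uid 1001 for demouser and the function names are assumptions.

```sh
#!/bin/sh
# Added example: audit a ChrootDirectory path against the sshd ownership rule.
# Assumes an absolute path; audit_chroot also assumes GNU stat (as on Ubuntu).

# component_ok UID MODE: succeed if root-owned and not group/other-writable.
component_ok() {
    [ "$1" = "0" ] || return 1
    [ $(( 0$2 & 022 )) -eq 0 ]   # 020 = group write, 002 = other write
}

# path_components PATH: print / and every ancestor down to PATH, one per line.
path_components() {
    case $1 in /*) ;; *) echo "absolute path required" >&2; return 2 ;; esac
    p=${1%/}                     # tolerate a trailing slash
    out=
    while [ -n "$p" ]; do
        out="$p
$out"
        p=${p%/*}
    done
    printf '/\n%s' "$out"
}

# audit_records: read "UID MODE PATH" lines, report each violating component.
audit_records() {
    bad=0
    while read -r uid mode path; do
        if ! component_ok "$uid" "$mode"; then
            echo "FAIL $path (uid=$uid mode=$mode)"
            bad=1
        fi
    done
    return "$bad"
}

# audit_chroot PATH: run the audit against the live filesystem.
audit_chroot() {
    path_components "$1" | while read -r c; do
        stat -c '%u %a %n' "$c"
    done | audit_records
}

# Constructed sample: the layout the question's commands produce
# (uid 1001 for demouser is an assumption).
sample_layout() {
    printf '%s\n' '0 755 /' '0 755 /home' '0 755 /home/demouser' \
        '1001 755 /home/demouser/ftp'
}

sample_layout | audit_records || true
```

On the server itself, `audit_chroot /home/demouser/ftp` runs the same check against the real directories and exits non-zero if any component fails it.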