NetBSD-Users archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: sftp on chroot

On 19.09.2010 17:20, Francisco Valladolid wrote:
> On Sun, Sep 19, 2010 at 4:54 AM, Jean-Yves Migeon
> <> wrote:
>> On 19.09.2010 07:25, Francisco Valladolid wrote:
>> Try using
>> ChrootDirectory %h
>> If it does not work, check ssh logs (like /var/log/authlog); the cause
>> of this is likely to be in there.
> Changing ChrootDirectory %h then checking the logs appear:
> Sep 20 05:25:57 samuel sshd[29022]: fatal: bad ownership or modes for
> chroot directory "/home/xxx"
> I think it neccesary, chown root.root /home  ?

Yes, you can't do otherwise; if not, anyone could build up (depending on
configuration and mount points) his own system within the chroot, and
circumvent host's configuration.

Note that "chowning root:" the $HOME will prevent a user from creating
files at its root.

Jean-Yves Migeon

Home | Main Index | Thread Index | Old Index