NetBSD-Users archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: sftp on chroot


I have the next and work for me now.

Subsystem       sftp    internal-sftp
Match Group sftponly
        ChrootDirectory /home/%u
        X11Forwarding no
        AllowTcpForwarding no
        ForceCommand internal-sftp

% sudo chown root.root /home/hacienda
% sudo mkdir /home/hacienda/public_html
% sudo chmod -R 750 /home/hacienda/public_html
% sudo chown hacienda:www /home/hacienda/public_html

it connect fine via sftp without problems, but Apache have problems
reading  the index.html
inside public_html subdirectory.

I have problems with permisions, whenever, I don't know if it possible
that apache read it.


On Sun, Sep 19, 2010 at 11:26 AM, Jean-Yves Migeon
<> wrote:
> On 19.09.2010 17:20, Francisco Valladolid wrote:
>> On Sun, Sep 19, 2010 at 4:54 AM, Jean-Yves Migeon
>> <> wrote:
>>> On 19.09.2010 07:25, Francisco Valladolid wrote:
>>> Try using
>>> ChrootDirectory %h
>>> If it does not work, check ssh logs (like /var/log/authlog); the cause
>>> of this is likely to be in there.
>> Changing ChrootDirectory %h then checking the logs appear:
>> Sep 20 05:25:57 samuel sshd[29022]: fatal: bad ownership or modes for
>> chroot directory "/home/xxx"
>> I think it neccesary, chown root.root /home  ?
> Yes, you can't do otherwise; if not, anyone could build up (depending on
> configuration and mount points) his own system within the chroot, and
> circumvent host's configuration.
> Note that "chowning root:" the $HOME will prevent a user from creating
> files at its root.
> --
> Jean-Yves Migeon

Francisco Valladolid H.
 -- - Jesus Christ follower.

Home | Main Index | Thread Index | Old Index