Chrooted SFTP Users

Here are the steps to create chrooted SFTP users.

1. Comment out the following line in /etc/ssh/sshd_config

2. Append the following in /etc/ssh/sshd_config

where USERNAME is the user and ChrootDirectory is the path that the user will be locked into. Add a new “Match User” stanza for each user that needs to be chrooted. This allows each user to have a unique directory.

3. Restart SSH

4. Create the SFTP user group

5. Modify the user

SCP and SSH are not allowed with this setup but you could change the shell to allow them…

6. The highest directory in the chroot tree must be owned by user/group root
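
A pre-flight check for step 6, as an added example that is not part of the original page: sshd rejects the session unless every component of the ChrootDirectory path is a root-owned directory that is not writable by group or others, so this goes beyond the top directory the step names and walks the whole path. The function names and the optional uid argument (for dry runs as a non-root user) are this example's own.

```shell
#!/bin/sh
# Added example: audit a ChrootDirectory path before pointing sshd at it.
# Paths and uids are supplied by the caller; none come from the page.

# check_dir DIR [UID]: DIR must be a directory owned by UID (default 0, root)
# and must not be writable by group or others.
check_dir() {
    local dir="$1" want="${2:-0}" perms uid
    [ -d "$dir" ] || { echo "FAIL $dir: not a directory"; return 1; }
    # ls -ldnL prints e.g. "drwxr-xr-x 2 0 0 ..."; field 1 = mode, field 3 = owner uid
    read -r perms uid <<EOF
$(ls -ldnL "$dir" | awk '{print $1, $3}')
EOF
    if [ "$uid" != "$want" ]; then
        echo "FAIL $dir: owner uid $uid, expected $want"; return 1
    fi
    case "$perms" in
        ?????w*)    echo "FAIL $dir: group-writable ($perms)"; return 1 ;;
        ????????w*) echo "FAIL $dir: world-writable ($perms)"; return 1 ;;
    esac
    echo "ok   $dir ($perms, uid $uid)"
}

# check_chroot PATH [UID]: apply check_dir to PATH and every parent up to /.
check_chroot() {
    local p="$1" want="${2:-0}" rc=0
    case "$p" in
        /*) ;;
        *)  echo "FAIL $p: ChrootDirectory must be an absolute path"; return 1 ;;
    esac
    while :; do
        check_dir "$p" "$want" || rc=1
        [ "$p" = / ] && break
        p=$(dirname "$p")
    done
    return "$rc"
}
```

Run `check_chroot /path/to/chroot` before restarting SSH; a non-zero exit status means at least one path component will cause sshd to refuse the chroot.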