Tag Archives: SFTP

chroot an SFTP directory

To chroot an SFTP directory, you must

1) create an user and force root to be owner of it

cd /home
mkdir john
useradd -d /home/john -M -N -g users john
sudo chown root:root /home/john
sudo chmod 755 /home/john

2) Change the subsystem location on /etc/ssh/sshd_config:

#Subsystem sftp /usr/lib/openssh/sftp-server
Subsystem sftp internal-sftp

and create a user section:

Match User john
    ChrootDirectory /home/john
    ForceCommand internal-sftp
    AllowTCPForwarding no
    X11Forwarding no