Thursday, March 29, 2012

Redhat/CentOS/Fedora Linux: How to Setup Chroot SSH/SFTP

Follow the steps below to set up chrooted SSH:

1) Create a group: groupadd sftpgroup

2) Create a user: useradd -g sftpgroup -d /home/mysftpuser -s /sbin/nologin mysftpuser

3) Open the /etc/ssh/sshd_config file and comment out the following line:

   #Subsystem      sftp    /usr/libexec/openssh/sftp-server

4) Add the following lines to /etc/ssh/sshd_config:

    Subsystem      sftp    internal-sftp
    # %u expands to the login name; set outside a Match block, this applies to every account
    ChrootDirectory /home/%u

5) Save and exit the /etc/ssh/sshd_config file

6) Restart the sshd service

7) Try to log in from the server or a client machine:


[nginx_test:main.LINUX5 ~]# sftp mysftp@127.0.0.1
Connecting to 127.0.0.1...
mysftp@127.0.0.1's password:
sftp>

sftp> pwd
Remote working directory: /



That's it!!!
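
sshd only accepts a ChrootDirectory whose every path component is a root-owned directory that is not writable by group or others, so a home directory created by useradd in step 2 (owned by the user) is rejected at login with "bad ownership or modes for chroot directory". The check below is an added example, not part of the original post; it assumes GNU stat, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example (not from the original post): check that a directory is
# acceptable to sshd as a ChrootDirectory. Every component of the path must
# be a root-owned directory that is not writable by group or others.
# Assumes GNU stat, as shipped on Red Hat/CentOS/Fedora.

# component_ok OWNER_UID OCTAL_MODE -> status 0 if sshd would accept it
component_ok() {
    [ "$1" -eq 0 ] || return 1
    # 022 = write bits for group and others
    [ $(( 0$2 & 022 )) -eq 0 ]
}

# check_chroot_path DIR -> checks DIR and each parent up to /, reports the
# first offending component and returns 1, or returns 0 if all pass
check_chroot_path() {
    p=$(cd "$1" 2>/dev/null && pwd -P) || { echo "not a directory: $1"; return 1; }
    while :; do
        set -- $(stat -c '%u %a' "$p")
        if ! component_ok "$1" "$2"; then
            echo "bad ownership or modes: $p (uid=$1 mode=$2)"
            return 1
        fi
        [ "$p" = "/" ] && break
        p=$(dirname "$p")
    done
    echo "ok: chroot path acceptable"
}

# expand_chroot PATTERN USER -> substitutes %u as in "ChrootDirectory /home/%u"
# (USER is expected to be a plain account name)
expand_chroot() {
    printf '%s\n' "$1" | sed "s|%u|$2|g"
}

# Usage on the server from the post:
#   check_chroot_path "$(expand_chroot '/home/%u' mysftpuser)"
# Typical fix if it fails (run as root), then give the user a writable
# subdirectory inside the chroot:
#   chown root:root /home/mysftpuser && chmod 755 /home/mysftpuser
```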