problems with ChrootDirectory
- From: Joseph Spenner <joseph85750@xxxxxxxxx>
- Date: Wed, 9 Jul 2008 14:41:11 -0700 (PDT)
I recently compiled/installed openssh version OpenSSH_5.0p1. I'm trying to make use of the ChrootDirectory to restrict a particular user to only be able to use sftp and in their homedir. From what I've read, I should be able to accomplish this by adding something like this to the sshd_config:
Match user jsmith
I created user jsmith, with his homedir being /space/storage/jsmith.
I restarted sshd.
When I try to connect as that user, the following is returned:
Connection to 10.2.2.135 closed by remote host.
Connection to 10.2.2.135 closed.
The sshd log has an entry:
Jul 9 21:31:12 happybox sshd: [ID 800047 local5.crit] fatal: bad ownership or modes for chroot directory "/space/storage/jsmith"
The permissions of /space/storage/jsmith seem ok:
drwxr-xr-x 3 jsmith other 512 Jul 9 21:19 jsmith
The .ssh directory is 700, just like my other users (and myself) who can connect normal.
I thought maybe the "ForceCommand internal-sftp" was giving me problems, so I removed that from the sshd_config to see if I could simply make this user have a shell account chroot'd to his homedir. But, the same error was returned.
If I remove the entries from the sshd_config file, the user can connect fine, but not chrooted.
Are there some specific permissions or entries in my sshd_config that I'm missing?
Any help would be great.