I have set up a Debian Wheezy box as a simple SFTP server. I have created an SFTP-only user account and configured SSH to jail the account to its home directory with the following in sshd_config:
Subsystem sftp internal-sftp
Match group radius
ChrootDirectory /home
X11Forwarding no
AllowTcpForwarding no
ForceCommand internal-sftp
Where "radius" is the primary group for the SFTP user account. All of this works fine when I connect using OpenSSH from another Linux box. I land in the /home directory, but running "pwd" in the SFTP session shows that the working directory is "/" and then I cannot navigate any further up the filesystem tree. That's exactly what I would expect
However, if I connect using FileZilla, I see that I am in /home and I can freely navigate the rest of the filesystem. What's up with that? I would really like for this user account to be jailed regardless of the client, and it seems to me like it should be, since this is a server-side configuration.
Any help or insight would be greatly appreciated. Thanks!
--
Dave Parker
Systems Administrator
Utica College
Integrated Information Technology Services
(315) 792-3229
Registered Linux User #408177