chroot directory, and sshd
List, good evening,
AIUI, sshd requires that a chroot directory, and all directories above
it, including "/", must be owned by root, and not be writable except
by root. '755' permissions.
While trying to set up an sftp-only service, and using this stanza in
/etc/ssh/sshd_config :
    Match Group sftp_users
        X11Forwarding no
        AllowTcpForwarding no
        ChrootDirectory /home/sftp
        ForceCommand internal-sftp
sftp login attempts fail after password entry, and
/var/log/auth.log shows :
    bad ownership or modes for chroot directory component "/"
I've rechecked ownership and access settings for
    /home
    /home/sftp
and both these are owned by root, and writable only by root as owner
(755).
I note that the auth failure does seem to suggest there is something
wrong with permissions for "/" itself. I haven't been able to find
out how to check the permissions on "/", and I'd appreciate a
suggestion how to do that if - as it seems - that might be what sshd
is complaining about.
If that isn't the problem, I'm not sure what else could be. The
directories below /home/sftp, such as
    /home/sftp/mary
are owned by and writable by user mary. mary is also in the group
'sftp-users'.
OS is Wheezy, and ssh updates are applied.
I'd be very grateful for any insights,
regards, Ron
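
Added example, not part of the original post: a small shell audit of the rule stated at the top of the message, checking "/" and every directory down to the ChrootDirectory for root ownership and no group or other write bit. The function names are made up for this example, and it assumes GNU coreutils stat.

```shell
#!/bin/sh
# Added example: audit each component of a ChrootDirectory path.
# Assumes GNU coreutils stat (as shipped on Debian).

# perms_ok UID OCTAL_MODE [WANT_UID]
# True when the owner is WANT_UID (default 0, root) and neither the
# group-write (020) nor the other-write (002) bit is set.
perms_ok() {
    uid=$1; mode=$2; want=${3:-0}
    [ "$uid" -eq "$want" ] || return 1
    [ $(( 0$mode & 022 )) -eq 0 ]
}

# check_component DIR [WANT_UID]
# Stats one directory (following symlinks) and prints a verdict line.
check_component() {
    dir=$1
    [ -d "$dir" ] || { echo "BAD  not a directory      $dir"; return 1; }
    owner=$(stat -L -c %u "$dir")
    bits=$(stat -L -c %a "$dir")
    if perms_ok "$owner" "$bits" "${2:-0}"; then
        echo "ok   uid=$owner mode=$bits  $dir"
    else
        echo "BAD  uid=$owner mode=$bits  $dir"
        return 1
    fi
}

# check_chroot_path PATH
# Checks "/" first, then every deeper component of PATH; returns
# non-zero if any component fails.
check_chroot_path() {
    rc=0
    check_component / || rc=1
    cur=
    rest=${1#/}
    while [ -n "$rest" ]; do
        cur=$cur/${rest%%/*}
        case $rest in
            */*) rest=${rest#*/} ;;
            *)   rest= ;;
        esac
        check_component "$cur" || rc=1
    done
    return "$rc"
}

# Usage: check_chroot_path /home/sftp
```

Any line marked BAD names the component to fix; a mode such as 775 or 1777, or a non-zero uid, on "/" itself would show up on the first line of output.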