This website is deprecated, and remains online only for historic access to old issues and docs for historic versions of Virtualmin. It has been unmaintained for several years, and should not be relied on for up-to-date information. Please visit www.virtualmin.com instead.

Chroot SSH and SFTP?

2 posts / 0 new

Topic locked

Last post

#1 Fri, 11/10/2017 - 07:31

Baterka

Chroot SSH and SFTP?

Hi, I searched everywhere and still don't know how to chroot users in their homes for SSH and SFTP. I really don't like, when my friend who have web hosting on my server can copy all setups what I do in /etc etc...

Is there any functional manual how to setup chroot in newest Virtualmin?

#2 Tue, 11/14/2017 - 10:19

everisk

I do it in command line on my Centos 7 and here is my notes. FYI, I'm no pro.

To jail sftp user

    --> add user to group sftponly (you need to check group name from sshd_config)
    --> sudo groupadd sftponly
    --> sudo useradd sftp_tst1 -s /bin/false 
    --> sudo passwd sftp_tst1
    --> sudo usermod -G sftponly sftp_tst1
    - this will create new directory in home/username
    - we need to make owner of home/username to root and folder permission to 0755 otherwise we cannot upload file
    --> sudo chown -R root:root /home/sftp_tst1
    --> sudo chmod 0755 /home/sftp_tst1
    then we need to create dev folder for logging
    --> mkdir /home/sftp_tst1/dev
    then we need to create folder inside that and make owner to be the new user
    --> mkdir /home/sftp_tst1/incoming
    --> sudo chown sftp_tst1:sftponly /home/sftp_tst1/incoming

Topic locked