Only allow user access to specific directory

**Denoteone** · 08-19-2009

Newbie here.

I added a user named mike and I was able to change his home directory to var/www/mikeshome but when mike connects via sftp he starts in mikeshome directory but is able to go up a directory as well. I want to make mike only have access to mikeshome and all of its sub directories. I am on a RED Hat 5 machine using putty.

Any help would be awesome.

Thanks!

***daark.child*** · 08-19-2009

You need to configure the sftp server (openssh) to chroot the user into /var/www/mike. I have never done this myself so can't offer specific details on how to do it, but take a look at the articles on this page and they may help.

**sarlacii** · 08-19-2009

Greetings... not as simple as chroot'ing a user in vsftp or proftpd (uncomment a line, add some names...).

LOL

Open the file /etc/ssh/sshd_config and then check for the lines:

Subsystem sftp /usr/lib/openssh/sftp-server

or whatever matches your distro.

Then check and uncomment or add the lines:

Match User mike
ChrootDirectory /var/www/mikeshome
AllowTCPForwarding no
X11Forwarding no
ForceCommand /usr/lib/openssh/sftp-server

for chroot by user, or else:

Match Group mike
ChrootDirectory /var/www/mikeshome
AllowTCPForwarding no
X11Forwarding no
ForceCommand /usr/lib/openssh/sftp-server

for chroot by group.

Then restart the ssh server.

Good luck.

Thread Tools

Display

Only allow user access to specific directory

Posting Permissions