I have a website that I want to add some restricted access to a sub-folder. For this, I've decided to use CHROOT with SFTP (I mostly followed this link : http://shapeshed.com/chroot_sftp_users_on_ubuntu_intrepid/)
For now, I've created a user (sio2104) and a group (magento).After following the guide, my folder list look like this :
-rw-r--r-- 1 root root 27 2012-02-01 14:23 index.html
-rw-r--r-- 1 root root 21 2012-02-01 14:24 info.php
drwx------ 15 root root 4096 2012-02-25 00:31 magento
As you can see, i've chown root:root the folder magento I wanted to jail-in the user and ...everything else by the way. Also in the magento folder, I chown sio2104:magento everything so they can access what they want. Finally, I've added this to sshd_config file :
#Subsystem sftp /usr/lib/openssh/sftp-server
Subsystem sftp internal-sftp
Match Group magento
ChrootDirectory /usr/share/nginx/www/magento
ForceCommand internal-sftp
AllowTCPForwarding no
X11Forwarding no
PasswordAuthentication yes
#UsePAM yes
And the result is...well, I can enter my login, password and it's all finished with a "broken pipe" error.
$ sftp
[email protected]
[....some debug....]
[email protected]'s password:
debug1: Authentication succeeded (password).
Authenticated to 10.20.0.50 ([10.20.0.50]:22).
debug1: channel 0: new [client-session]
debug1: Requesting
[email protected]
debug1: Entering interactive session.
Write failed: Broken pipe
Connection closed
Verbose mode gives nothing to help. Anyone have an idea of what I've done wrong? If I try to login with ssh or sftp with my personnal user, everything works fine.
