OpenSSH SFTP chroot() with ChrootDirectory

(via www.debian-administration.org)

The upcoming version of OpenSSH (4.8p1 for the GNU/Linux port) features a new configuration option: ChrootDirectory. This has been made possible by a new SFTP subsystem statically linked to sshd.

Comments

ed25519 ssh host key file

If the latest install of openssh-server comes up with "Could not load host key: /etc/ssh/ssh_host_ed25519_key" when starting, then create the file via:

ssh-keygen -t ed25519 -f /etc/ssh/ssh_host_ed25519_key -N ''

give access to certain folders outside chroot

Set up a bind-mounted directory to give access to certain folders outside of the chroot path. Example:

mount --bind /var/www/html/htdocs/some/folder /home/chroot/username/some/folder

To mount on boot, edit /etc/fstab:

/var/www/html/htdocs/some/folder /home/chroot/username/some/folder none defaults,bind 0 0

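sshd_config(5) requires every component of a ChrootDirectory path to be a root-owned directory that is not writable by any other user or group, which is easy to get wrong when building a layout like the bind-mount one in the comment above. The script below is an added example, not code from the original page or from OpenSSH, that checks a path against that rule before it goes into sshd_config. It assumes GNU stat, and the path /home/chroot/username in the usage line is an assumption taken from the comment's mount target.

```sh
#!/bin/sh
# Added example (not from the original page): pre-flight check for a
# ChrootDirectory path. sshd_config(5) requires every component of the path
# to be a root-owned directory that is not writable by group or others.

# component_ok UID MODE: succeed if owner is root and no group/other write bit.
component_ok() {
    [ "$1" -eq 0 ] || return 1
    [ $(( 0$2 & 022 )) -eq 0 ] || return 1
    return 0
}

# check_chroot_path PATH: walk from / down to PATH, report first bad component.
check_chroot_path() {
    case $1 in
        /*) ;;
        *) echo "path must be absolute: $1" >&2; return 2 ;;
    esac
    rest=${1#/}
    current=/
    while :; do
        if [ ! -d "$current" ]; then
            echo "not a directory: $current" >&2; return 1
        fi
        # -L follows symlinks, as stat(2) does; GNU stat syntax (Linux).
        info=$(stat -L -c '%u %a' "$current") || return 1
        if ! component_ok "${info% *}" "${info#* }"; then
            echo "bad owner/mode ($info) on: $current" >&2; return 1
        fi
        if [ -z "$rest" ]; then return 0; fi
        comp=${rest%%/*}
        case $rest in
            */*) rest=${rest#*/} ;;
            *)   rest= ;;
        esac
        # Skip empty components produced by "//" or a trailing "/".
        if [ -n "$comp" ]; then current=${current%/}/$comp; fi
    done
}

# Usage: sh check_chroot.sh /home/chroot/username  (path is an assumption)
if [ "$#" -gt 0 ]; then
    check_chroot_path "$1" && echo "ok for ChrootDirectory: $1"
fi
```

Only the chroot path itself has to pass; a directory bind-mounted below it can carry whatever ownership the user needs for uploads.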