Hi there
Has anyone been able to get SFTP with a chroot jail set up? I’ve been round and round with this trying different settings and can’t for the life of me get it to work.
I’ve set up the user, permissions and sshd config file and my user can log in, but I’m getting a “Couldn’t canonicalize: No such file or directory” error on login. I can’t find any reference to this error on the web apart from in reference to a bug when trying to transfer a whole directory. There’s also nothing in the log (under /var/log/messages) to suggest anything is wrong.
For reference, these are the settings I used in sshd:
config match
	option type Group
	option match users
	#option AllowAgentForwarding
	option AllowTcpForwarding no
	#option AuthorizedKeysFile
	#option AuthorizedPrincipalsFile
	#option Banner
	option ChrootDirectory %h
	option ForceCommand internal-sftp
	#option GatewayPorts
	#option AuthenticationMethods
	#option GSSAPIAuthentication
	#option HostbasedAuthentication
	#option HostbasedUsesNameFromPacketOnly
	#option KbdInteractiveAuthentication
	#option KerberosAuthentication
	#option MaxAuthTries
	#option MaxSessions
	#option PasswordAuthentication
	#option PermitEmptyPasswords
	#option PermitOpen
	#option PermitRootLogin
	option PermitTunnel no
	#option PubkeyAuthentication yes
	#option RhostsRSAAuthentication
	#option RSAAuthentication
	#option X11DisplayOffset
	option X11Forwarding no
	#option X11UseLocalHost
Also, in case it helps anyone, permissions need to be set so that root owns them and they are not writable for any other group (755) for the whole path (including root “/”) up to the chroot directory.
I’m thinking it might work in an LXC container but I’m not sure.
Can anyone help?
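The ownership rule mentioned in the post (every directory from "/" down to the chroot directory owned by root and not writable by group or others) can be checked mechanically. The script below is an added example, not part of the original post; `check_chroot_path` is a hypothetical helper name, and it assumes a `stat` that supports `-L -c` (GNU coreutils or BusyBox).

```shell
#!/bin/sh
# check_chroot_path DIR [UID]
# Walks from DIR up to "/" and reports every component that would fail the
# rule described above: must be a directory, owned by UID (default 0, root),
# and must not have the group-write or other-write bit set.
# Prints one line per problem; returns 0 if the whole path is clean, 1 if not.
check_chroot_path() {
    p=$1
    want_uid=${2:-0}
    rc=0
    case $p in
        /*) ;;
        *) echo "$p: not an absolute path"; return 1 ;;
    esac
    while :; do
        if [ ! -d "$p" ]; then
            echo "$p: missing or not a directory"
            rc=1
        else
            # -L follows symlinks, so the directory itself is examined.
            uid=$(stat -L -c %u "$p")
            mode=$(stat -L -c %a "$p")
            if [ "$uid" -ne "$want_uid" ]; then
                echo "$p: owner uid $uid, expected $want_uid"
                rc=1
            fi
            # Leading 0 makes the shell read the mode as octal; 022 = g+w,o+w.
            if [ $(( 0$mode & 022 )) -ne 0 ]; then
                echo "$p: mode $mode is group/world-writable"
                rc=1
            fi
        fi
        [ "$p" = / ] && break
        p=$(dirname "$p")
    done
    return $rc
}

# Command-line use: sh check_chroot.sh /path/to/chroot
if [ "$#" -gt 0 ]; then
    check_chroot_path "$@"
fi
```

With `ChrootDirectory %h`, the directory to pass in is the home directory of the user being jailed.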