With proftpd you can change the default directory editing /etc/proftpd.conf
DefaultRoot ~
change to
DefaultRoot ~/music
How i can achieve the same result with SFTP?
Im using ubuntu lucid btw.
Ty so much for your help.
Asked
Active
Viewed 9.2k times
8
Greg B
- 1,548
- 5
- 17
- 32
Jonathan B
- 83
- 1
- 1
- 4
-
Which software are you using? – Khaled Nov 01 '10 at 17:28
6 Answers
26
Unfortunately I don't have enough reputation to comment because all I wanted to do is stress how important the comment by Richard Fairhurst is and how it should be added to the "official answer". I have seen people here and elsewhere having trouble setting the user home directory or having the user home directory as a "default directory". That's just because in a chroot environment the root directory is not the / any more. Meaning any other path should be relative to the new root path. Ex:
if you chroot to /home and want the default directory to be /home/default you should set the user home directory to /default. Not /home because /home will be the new /.
If you really need to keep the user home directory in /home/user but wish to have a default directory for sftp sessions, you can use the -d parameter for internal-sftp. Like in this example:
Subsystem sftp internal-sftp
Match Group sftpusers
ChrootDirectory /mnt/sftp
ForceCommand internal-sftp -d /default
/default being a directory inside /mnt/sftp. Notice that path here is again relative to the new root.
rui
- 509
- 5
- 5
4
Perhaps there is a way to achieve what you want but as far as I know, sftp is operated over ssh so not so sure how to do that with ssh for every user.
However, one way to get around what you want to do is that you can update the user data to log in to certain directory as follows. This will w
$ sudo usermod -d [certain path that you want to direct] username
istudy0
- 211
- 1
- 1
-
-
unfortunately, for me this does not translate to the default directory of a sftp user@server login. This is probably referring to the ssh login? – 0-_-0 Jun 30 '21 at 18:26
2
lain's answer was helpful, but in the interest of being more explicit, and not depending on a link(and so I can find it next time):
Search the web for ChrootDirectory, to get the basic docs and setup, I'll not replicate them here, only point out how to solve the asked question.
For a dedicated file server use: Match Group *,!sudo
so anybody who's not an admin get chrooted sftp only access - by default.
Set ChrootDirectory /home/%u -- chroot is based on username, not their home-directory
Make sure the users directory in /home is owned by root:root
Set the home-directory path in /etc/passwd to the directory you want to be logged into by default - but make it relative to the chroot directory:
If you want the user acnt to end up in /home/acnt/files/, then set the passwd home for acnt to /files
Make sure that /home/acnt/files is owned by acnt:acnt, so that the user can write to the directory, even though /home/acnt/ must be owned by root for the chroot jail to function.
dgandhi360
- 41
- 3
-
2Slight correction: If you want the user account to end up in /home/acnt/files, then set the passwd home to files (no leading slash). – Richard Fairhurst Jun 17 '14 at 11:25
0
I just went through the same sort of thing with an Ubuntu Lucid 10.04 install. The answer seems to be to chroot certain logins to a specific folder. The only disadvantage being that the folder that they are chrooted to must be owned by root:root and can't be writable by the user logging in in order for ssh to allow the sftp login to work. SO, they only have access to other folders within the folder that they are chrooted to.
http://ubuntuforums.org/showthread.php?t=1057657
Also, setting the default folder for the user using "usermod -d doesn't change the default for that user going to the root / folder upon sftp login.
senorsmile
- 713
- 8
- 19
