
I have read and followed a few questions and tutorials on using chroot to set the initial directory in sftp. I have the correct permissions and ownership of the chroot directory. I can get new users to log in, but then they are unable to transfer files to folders they are supposed to own.


Example

I want to chroot members of the sftpbackups group. In my sshd_config file I have the following.

Subsystem sftp internal-sftp
Match Group sftpbackups
        ChrootDirectory %h
        X11Forwarding no
        AllowTcpForwarding no
        ForceCommand internal-sftp

First, I have created a user testuser who is not added to the sftpbackups group. Home directory is /home/testuser/ and there is a subdirectory /home/testuser/backups/ that I want to use over sftp. I can use sftp to transfer files to my backups folder, e.g.

sftp> ls -l
drwxrwxrwx    2 testuser testuser     4096 Sep 25 00:09 backups
sftp> put a.txt backups
Uploading a.txt to /home/testuser/backups/a.txt
a.txt

The problem comes when I add testuser to the sftpbackups group.

sftp> ls -l
drwxrwxrwx    2 1290     1291         4096 Sep 30 14:58 backups
sftp> put a.txt backups
Uploading a.txt to /backups/a.txt
remote open("/backups/a.txt"): Permission denied

I am not sure why the directory ownership is changing only after I add to the sftpbackups group, and I think it is related to why I cannot transfer files.


Any ideas how to move forward? Thanks. The server is CentOS 6.8.


I found the answer on a blog. We need to tell SELinux that we want to upload files via SFTP to a chroot. It is read-only by default.

setsebool -P ssh_chroot_rw_homedirs on
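The boolean above fixes the SELinux side of the problem. The other conditions sshd imposes on a chroot are easy to get wrong too: the ChrootDirectory itself (here the home directory, since %h is used) must be owned by root and must not be group- or world-writable, while the directory the user uploads into must be owned by the user. The numeric owner shown inside the chroot (1290 1291 instead of testuser testuser) is only cosmetic: the chroot has no /etc/passwd, so internal-sftp cannot map the ids to names. The script below is an added example, not part of the question or the answer; it is a pre-flight check for those conditions on a Linux host. It assumes GNU stat (the -c format flags) and, where SELinux is installed, the getsebool tool; the function names are my own.

```shell
#!/bin/sh
# Added example: sanity checks for an sshd ChrootDirectory used with
# "ForceCommand internal-sftp". Assumes GNU stat; getsebool is optional.

# sshd refuses a chroot whose root is not owned by root or is writable by
# group/others. $1 is an octal mode string as printed by `stat -c %a`.
mode_ok() {
    # 022 masks the group and other write bits; the leading 0 forces octal
    [ $(( 0$1 & 022 )) -eq 0 ]
}

# $1 is a numeric owner uid as printed by `stat -c %u`.
owner_is_root() {
    [ "$1" -eq 0 ]
}

# $1 is the directory sshd will chroot into (what ChrootDirectory %h expands
# to for the user). Prints each violation and returns non-zero if any.
chroot_dir_ok() {
    dir=$1
    [ -d "$dir" ] || { echo "$dir: not a directory"; return 1; }
    uid=$(stat -c %u "$dir") || return 1
    mode=$(stat -c %a "$dir") || return 1
    rc=0
    owner_is_root "$uid" || { echo "$dir: owned by uid $uid, must be root (uid 0)"; rc=1; }
    mode_ok "$mode" || { echo "$dir: mode $mode is group/world writable"; rc=1; }
    return $rc
}

# The subdirectory the user uploads into (backups/ in the question) must be
# writable by that user; the simplest way is for the user to own it.
# $1 is the directory, $2 the user's numeric uid.
upload_dir_ok() {
    uid=$(stat -c %u "$1") || return 1
    [ "$uid" -eq "$2" ]
}

# With SELinux enforcing, uploads into the chroot stay read-only until the
# boolean from the answer is on (setsebool -P ssh_chroot_rw_homedirs on).
# getsebool prints "ssh_chroot_rw_homedirs --> on" when it is enabled.
selinux_chroot_rw_ok() {
    if ! command -v getsebool >/dev/null 2>&1; then
        echo "SELinux tools not installed; boolean check skipped"
        return 0
    fi
    getsebool ssh_chroot_rw_homedirs 2>/dev/null | grep -q -- '--> on$'
}

# Usage: sh check_sftp_chroot.sh /home/testuser /home/testuser/backups 1290
if [ $# -ge 3 ]; then
    status=0
    chroot_dir_ok "$1" || status=1
    upload_dir_ok "$2" "$3" || { echo "$2: not owned by uid $3"; status=1; }
    selinux_chroot_rw_ok || { echo "ssh_chroot_rw_homedirs is off"; status=1; }
    exit $status
fi
```

Run it with the chroot root, the upload directory and the user's uid (as in the usage comment); an empty output and a zero exit status mean all three conditions hold. The owner and mode checks are done on numeric values returned by stat rather than on `ls -l` text, so they behave the same whether or not the names resolve.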