Hi folks,
For some reason ChrootDirectory configuration did not work for me.
Here is why. Basically, sshd will check if /chroot directory has
proper owner and access rights. No problem with owner and rights:
create /chroot/user1, /chroot/user2
chown SvcCOPSSH /chroot
chmod 0755 /chroot
Do not forget some changes in the sshd_config:
Subsystem sftp internal-sftp
Match user user1,user2
ForceCommand internal-sftp
AllowTcpForwarding no
ChrootDirectory /chroot/%u
But no luck. sshd keeps complaining:
sshd: PID 2448: fatal: bad ownership or modes for chroot directory component "/".
The problem is that sshd assumes that root has uid 0.
Open the passwd and change the uid to 0 for user SvcCOPSSH (0 after 2000/xp):
SvcCOPSSH:unused_by_nt/2000/xp:0:545:U-***\SvcCOPSSH,S-*-*-**-***-***-***-***:/var/:/bin/false
After service restart users are chrooted where they belong. No browsing.
Regards.
at
There is no real chroot support in Cygwin. See a related Cygwin thread for more information.
ChrootDirectory is the OpenSSH configuration that chroot sftp users using internal sftp subsystem. The real chroot is not involved.