Troubleshooting chrooted sftp account setup in Linux
Introduction

In a previous article we demonstrated the process involved in configuring a chrooted sftp account on a Linux system. Although the process is fairly straightforward, you might face issues during the setup if you do not follow the steps to a T or if you are consulting multiple sources. In this article, we’ll describe three common scenarios in which your chrooted sftp configuration might fail.

Scenario 1: Incorrect ownership and permissions

A chrooted setup demands that the user's chrooted home directory be owned by root. Let us consider the user we tested in our previous article. The user name was sahil, for which the chrooted home directory was /chroots/sahil/, and the directory accessible to the user as its home directory was /chroots/sahil/myhome. For the setup to work correctly, the directory /chroots/sahil/ should be root-owned. If the owner of the chrooted home directory is the user itself, as shown below, then the setup will not work:

    [root@linuxnix ~]# ls -ld /chroots/sahil/
    drwxr-xr-x. 3 sahil root 4096 Jul 19 22:42 /chroots/sahil/
    [root@linuxnix ~]#

If we try to log in as the user sahil using sftp, we face the following error:

    [root@linuxnix ~]# sftp sahil@linuxnix
    Connecting to linuxnix...
    sahil@linuxnix's password:
    Write failed: Broken pipe
    Couldn't read packet: Connection reset by peer
    [root@linuxnix ~]#

If we take a look at the /var/log/secure file we’ll find the following error message...
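An added example, not part of the original article: a shell check of the ownership rule from Scenario 1. It goes beyond the single directory shown above and walks every component of the path, since sshd's ChrootDirectory requires each one to be a root-owned directory that is not writable by group or others. It assumes GNU stat; the function names and the optional owner-UID argument are hypothetical.

```shell
#!/bin/sh
# Added example (not from the original article): audit a chroot path before
# pointing sshd's ChrootDirectory at it. Assumes GNU coreutils stat (Linux).
# Usage: sh check_chroot.sh /chroots/sahil

# check_component DIR [OWNER_UID]
# Succeeds only if DIR is a directory owned by OWNER_UID (default 0, root)
# and has no group or other write bit. OWNER_UID is a hypothetical override
# so the check can be tried without root.
check_component() {
    c_dir=$1
    c_want=${2:-0}
    [ -d "$c_dir" ] || { echo "FAIL $c_dir: not a directory"; return 1; }
    c_uid=$(stat -c '%u' "$c_dir")
    c_mode=$(stat -c '%a' "$c_dir")      # octal mode, e.g. 755
    if [ "$c_uid" != "$c_want" ]; then
        echo "FAIL $c_dir: owner uid $c_uid, expected $c_want"
        return 1
    fi
    if [ $(( 0$c_mode & 022 )) -ne 0 ]; then
        echo "FAIL $c_dir: mode $c_mode is group- or other-writable"
        return 1
    fi
    echo "OK   $c_dir (uid $c_uid, mode $c_mode)"
}

# check_chroot_path ABS_PATH [OWNER_UID]
# Applies check_component to ABS_PATH and each parent up to "/".
# Returns 0 only if every component passes; 2 if the path is not absolute.
check_chroot_path() {
    p=$1
    p_owner=${2:-0}
    p_rc=0
    case $p in
        /*) ;;
        *) echo "FAIL $p: path must be absolute"; return 2 ;;
    esac
    while :; do
        check_component "$p" "$p_owner" || p_rc=1
        [ "$p" = "/" ] && break
        p=$(dirname "$p")
    done
    return $p_rc
}

if [ "$#" -gt 0 ]; then check_chroot_path "$@"; fi
```

Run against the article's layout, the listing shown above (owner sahil on /chroots/sahil/) would be reported as a FAIL on that component.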