From owner-freebsd-questions@FreeBSD.ORG  Sun Aug  9 17:18:53 2009
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id CCD6A106566C
	for <freebsd-questions@freebsd.org>;
	Sun,  9 Aug 2009 17:18:53 +0000 (UTC)
	(envelope-from freebsd-questions@m.gmane.org)
Received: from ciao.gmane.org (main.gmane.org [80.91.229.2])
	by mx1.freebsd.org (Postfix) with ESMTP id 879138FC24
	for <freebsd-questions@freebsd.org>;
	Sun,  9 Aug 2009 17:18:53 +0000 (UTC)
Received: from list by ciao.gmane.org with local (Exim 4.43)
	id 1MaC2k-0000bU-HU
	for freebsd-questions@freebsd.org; Sun, 09 Aug 2009 17:18:50 +0000
Received: from 220.85-200-86.bkkb.no ([85.200.86.220])
	by main.gmane.org with esmtp (Gmexim 0.1 (Debian))
	id 1AlnuQ-0007hv-00
	for <freebsd-questions@freebsd.org>; Sun, 09 Aug 2009 17:18:50 +0000
Received: from solskogen by 220.85-200-86.bkkb.no with local (Gmexim 0.1
	(Debian)) id 1AlnuQ-0007hv-00
	for <freebsd-questions@freebsd.org>; Sun, 09 Aug 2009 17:18:50 +0000
X-Injected-Via-Gmane: http://gmane.org/
To: freebsd-questions@freebsd.org
From: Christer Solskogen <solskogen@carebears.mine.nu>
Date: Sun, 09 Aug 2009 19:18:35 +0200
Lines: 28
Message-ID: <h5n0db$rve$1@ger.gmane.org>
References: <f99a79ec0908090729x54eaa769mfa4b9008bc0421e6@mail.gmail.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
X-Complaints-To: usenet@ger.gmane.org
X-Gmane-NNTP-Posting-Host: 220.85-200-86.bkkb.no
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.5; en-US;
	rv:1.9.1.1) Gecko/20090715 Thunderbird/3.0b3
In-Reply-To: <f99a79ec0908090729x54eaa769mfa4b9008bc0421e6@mail.gmail.com>
Sender: news <news@ger.gmane.org>
Subject: Re: sftp + chrooting users
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 09 Aug 2009 17:18:54 -0000

On 8/9/09 4:29 PM, Stefan Miklosovic wrote:
> hi all,
>
> I am about chrooting ftp users into theirs home
> directories. I've following in the end of /etc/ssh/sshd_config
>
> Subsystem      sftp   internal-sftp
>
> Match group ftp
>           ChrootDirectory /home
>           X11Forwarding no
>           AllowTcpForwarding no
>           ForceCommand internal-sftp
>

I have this in my sshd_config:
Match Group sftponly
          ChrootDirectory /usr/home/%u
          X11Forwarding no
          AllowTcpForwarding no
          ForceCommand internal-sftp

But also note that the user(which is in the sftponly group) have / as 
his home directory.

-- 
chs