SFTP CHROOT SSHD
Revision as of 10:23, 18 January 2017 by Michael.mast (talk | contribs)
The following was written by http://serverfault.com/users/387035/will
[1]It appears after the OpenSSH-6.6.1p1-31 update, only the user's primary group is checked for authentication during the SFTP connection attempt. With root and the user's primary group owning the home directory and at least 710 permissions, connection attempts should succeed.
Repro steps:
$ groups sftpuser sftpuser : sftpgroup sftpuser $ ls -ld /home/sftpuser/ drwx--x--- 2 root sftpuser 4096 Nov 22 18:31 sftpuser/ $ sftp sftpuser@localhost sftpuser@localhost's password: Write failed: Broken pipe Couldn't read packet: Connection reset by peer $ chgrp sftpgroup sftpuser/ $ ls -ld /home/sftpuser/ drwx--x--- 2 root sftpgroup 4096 Nov 22 18:31 sftpuser/ $ sftp sftpuser@localhost sftpuser@localhost's password: Connected to localhost. sftp> exit