Disable user to navigate out from changed home directory?!

January 8, 2016 1k views
LAMP Stack Nginx

Hi Everybody!

I added a new user to a new group on my Ubuntu droplet. This group can read and write in the /var/www/homepage directory also. I changed the user home directory to the /var/www/homepage BUT how can I disable to navigate out from here on an SFTP connection?

Thanks for your answers and help!

1 Answer

You can jail an SFTP user to their home directory by adding some configuration like the following to your /etc/ssh/sshd_config file:

Match User john
    ChrootDirectory /home/john
    ForceCommand internal-sftp
    AllowTCPForwarding no
    X11Forwarding no
Have another answer? Share your knowledge.