Question
How to allow restriced SSH access to chroot jailed user
A user was created and added in a group. The group has been chroot jailed in /var/www directory by adding following statements in sshd_config file:
Match group group_name
ChrootDirectory %h
X11Forwarding no
AllowTcpForwarding no
ForceCommand internal-sftp
While with above statements, the user is restricted in his home directory i.e. /var/www (home directory was designated while creating the user), the user is not yet able to login to terminal through SSH.
Now, it is required to allow this user to login to terminal through SSH (PuTTY) and be able to change his password. It is also required to restrict this user to only be able to change his password and not able to use any other command.
So finally, the user will be able to login to SFTP (WinSCP) & use it to upload his files and able to login to terminal through SSH (PuTTY) & change his password.
Can someone please advice necessary steps how to allow SSH access/login simultaneously along with SFTP access?
PS: The setting is required for Ubuntu!
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.