-
Create user group
sftpgroup
-
Add user into
sftpgroup
-
Modify
etc/ssh/sshd_config
:
#Subsystem sftp /usr/lib/openssh/sftp-server
Subsystem sftp internal-sftp
Write at the bottom of the same file :
Match group sftpgroup
# The following two directives force ben_files to become chrooted
# and only have sftp available. No other chroot setup is required.
ChrootDirectory /home/%u
ForceCommand internal-sftp
# For additional paranoia, disallow all types of port forwardings.
AllowTcpForwarding no
GatewayPorts no
X11Forwarding no
-
Change the
/home/%u
(%u = username) ownership to root:root (no recursive) -
Change the
/home/%u
(%u = username) permission to 0755 -
Restart SSH Server
Webmin shell command
Virtualmin -> System Settings -> Virtualmin Configuration ->Actions upon server and user creation -> Command to run after making changes to a server:
/home/chroot.sh
It will change the user home directory's ownership & permission automatically after creating a new virtual server.