Broke existing SFTP access by adding Users to Match User in sshd_config?























First, let me apologize for my lack of knowledge of Ubuntu. I may not be in the right place; if I have the wrong OS (OpenBSD 6.4), please let me know.



After following this guide I was able to log in to the SFTP server with only one SFTP user. However, after adding more users and using the CSV format on Match User in sshd_config, it broke all users, including my original user. This is the change I made below. I have since removed it and it still won't let the first SFTP-only user in. I still have SSH and SFTP access on my account; root is disabled.



Match User fo001sftp,fo002sftp,fo003sftp



The verbose login information.



fo001sftp@192.168.100.49's password:
Sent password
Access granted
Opening session as main channel
Server unexpectedly closed network connection
Fatal: Server unexpectedly closed network connection


I am failing on authentication, with this as the error message in /var/log/authlog:



fatal: bad ownership or modes for chroot directory component "/home/fo001sftp/


Here is my current sshd_config (without all of the commented-out lines):



PermitRootLogin no
AuthorizedKeysFile .ssh/authorized_keys
PrintMotd no
PrintLastLog no
Subsystem sftp internal-sftp
Match User fo001sftp
    PasswordAuthentication yes
    X11Forwarding no
    AllowTcpForwarding no
    AllowAgentForwarding no
    PermitTTY no
    PermitTunnel no
    ForceCommand internal-sftp
    ChrootDirectory %h


When I issue an ls command, this is what I get:



Listing directory /home/fo001sftp
drwxr-xr-x 5 root fo001sftp 512 Nov 26 12:26 .
drwxr-xr-x 12 root wheel 512 Nov 26 14:29 ..
-rwxr-xr-x 1 fo001sftp fo001sftp 87 Nov 26 08:47 .Xdefaults
-rwxr-xr-x 1 fo001sftp fo001sftp 771 Nov 26 08:47 .cshrc
-rwxr-xr-x 1 fo001sftp fo001sftp 101 Nov 26 08:47 .cvsrc
-rwxr-xr-x 1 fo001sftp fo001sftp 359 Nov 26 08:47 .login
-rwxr-xr-x 1 fo001sftp fo001sftp 175 Nov 26 08:47 .mailrc
-rwxr-xr-x 1 fo001sftp fo001sftp 215 Nov 26 08:47 .profile
drwxr-xr-x 2 fo001sftp fo001sftp 512 Nov 26 08:47 .ssh
drwxr-xr-x 5 fo001sftp fo001sftp 512 Nov 26 12:26 CurrentMonth
drwxr-xr-x 2 fo001sftp fo001sftp 512 Nov 26 12:05 History


Where am I going wrong to fix the original user, and how can I add more users to this setup with their own /home directories?

















      permissions sftp chroot
















      asked Nov 26 at 20:49









      babyPenguin
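
The authlog message quoted in the question comes from sshd's ChrootDirectory check: per sshd_config(5), every component of the chroot path must be a root-owned directory that is not writable by group or others. The script below is an added example, not part of the original post; the function names `check_component` and `audit_chroot_path` are hypothetical, and it reads ownership and modes from `ls -ldn` so that it runs on both OpenBSD and Linux.

```shell
#!/bin/sh
# Added example: audit each component of a ChrootDirectory path against the
# rule from sshd_config(5): root-owned directory, no group/other write bit.

# check_component MODE UID -> status 0 if the component is acceptable.
# MODE is an ls -l mode string (e.g. drwxr-xr-x), UID the numeric owner.
check_component() {
    mode=$1 uid=$2
    case $mode in d*) ;; *) return 1 ;; esac      # must be a directory
    [ "$uid" = "0" ] || return 1                  # must be owned by root
    gw=$(printf '%s' "$mode" | cut -c6)           # group write bit
    ow=$(printf '%s' "$mode" | cut -c9)           # other write bit
    [ "$gw" = "-" ] && [ "$ow" = "-" ]
}

# audit_chroot_path PATH -> prints one line per component from / down to
# PATH and returns non-zero if any component fails the check.
audit_chroot_path() {
    rest=${1#/} cur=/ rc=0
    while :; do
        info=$(ls -ldn "$cur" 2>/dev/null | awk '{print $1, $3}')
        m=${info% *} u=${info#* }
        if check_component "$m" "$u"; then s=ok; else s=BAD; rc=1; fi
        printf '%-3s %-11s uid=%-5s %s\n' "$s" "$m" "$u" "$cur"
        # Advance to the next non-empty path component, if any.
        part=
        while [ -z "$part" ] && [ -n "$rest" ]; do
            part=${rest%%/*}
            case $rest in */*) rest=${rest#*/} ;; *) rest= ;; esac
        done
        [ -n "$part" ] || break
        cur=${cur%/}/$part
    done
    return $rc
}

# Run as: sh audit.sh /home/fo001sftp   (path taken from the question)
if [ $# -gt 0 ]; then
    audit_chroot_path "$1"
fi
```

With `ChrootDirectory %h`, the path to audit is the user's home directory as recorded in the password database, so each additional SFTP user's home needs the same check.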
