ssh chroot to lxc container

Question

I have a PC with sshd service (192.168.1.1).
The PC contains two users user1 and user2.
I installed lxc service and configured a container.
How can I configure ssh server on 192.168.1.1 that connecting user2 will be chrooted to lxc container.

I doubt you can do this unless you're actually SSH'ing to the IP address of the container itself. — Patrick, Oct 08 '17 at 15:03
I have one dedicated static ip. Users must connect via ssh using that ip address. But every user must be chroot to its lxc container. — Алексей Мальченко, Oct 08 '17 at 15:11

score 0 · Answer 1 · answered Oct 09 '17 at 00:56

0

OpenSSH may be configured to only allow a particular user to execute a particular command, by prepending a string to the public key in the authorized_keys file.

This:

ssh-rsa <key> <key name>

Should be changed to this

command="chroot command" ssh-rsa <key> <key name>

answered Oct 09 '17 at 00:56

Robbie Mckennie

1,123
1
8
21

I want that user can't login without chroot into the server – Алексей Мальченко Oct 09 '17 at 13:52
That's what this does. – Robbie Mckennie Oct 09 '17 at 22:37
How can I connect over sftp to ssh of lxc container? – Алексей Мальченко Oct 10 '17 at 03:15

ssh chroot to lxc container

1 Answers1