I am having a hard time limiting selected SFTP users to their home directories on FreeNAS 9.10.1-U4.

The default sshd config looks like this:

Subsystem       sftp    /usr/libexec/sftp-server -l ERROR -f AUTH
Protocol 2
UseDNS no
ChallengeResponseAuthentication no
ClientAliveCountMax 3
ClientAliveInterval 15
Port 22
PermitRootLogin yes
AllowTcpForwarding no
Compression no
PasswordAuthentication yes
PubkeyAuthentication yes

Then I added the lines below to lock selected SFTP users (via the group to which they belong) to their default home directory:

Match Group dirtyUsers
ChrootDirectory /mnt/Backups/tmp
ForceCommand /usr/libexec/sftp-server

but after adding those lines, any user who belongs to dirtyUsers cannot log in using SFTP.

Error logs for SFTP access:

Mar  2 18:42:16 backups sshd[69549]: Accepted password for dirtyUser from xxx.xxx.xxx.125 port 57495 ssh2
Mar  2 18:42:16 backups sshd[69551]: fatal: bad ownership or modes for chroot directory "/mnt/Backups/tmp"

where

drwxr-xr-x   5 dirtyUser    dirtyUsers        5 Mar 10  2016 /mnt/Backups/tmp/

I have also done the steps below:

chown root:wheel /mnt/Backups/tmp
chmod 755 /mnt/Backups/tmp

chown dirtyUser:dirtyUsers /mnt/Backups/tmp/*
chmod 775 -R /mnt/Backups/tmp/*

but it lets the user log in and then logs them off from SFTP (no error logs).

Any tips on that?

JackTheKnife
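An added example, not part of the original post: a pre-flight check for the two conditions a `ChrootDirectory` plus `ForceCommand` setup like the one above depends on. sshd requires every path component down to the chroot to be a root-owned directory not writable by group or others, and an external `ForceCommand` binary has to exist inside the chroot (`internal-sftp` runs in-process instead). The stat tables are constructed from the listing in the question; uid 1001 for dirtyUser and the function names are assumptions.

```python
import os
import stat
from types import SimpleNamespace

def path_components(path):
    """'/mnt/Backups/tmp' -> ['/', '/mnt', '/mnt/Backups', '/mnt/Backups/tmp']"""
    parts = [p for p in os.path.normpath(path).split("/") if p]
    return ["/"] + ["/" + "/".join(parts[:i + 1]) for i in range(len(parts))]

def chroot_path_problems(chroot, stat_fn=os.stat):
    """Every component down to the chroot must be a root-owned directory
    that is not writable by group or others, or sshd refuses the chroot."""
    problems = []
    for comp in path_components(chroot):
        st = stat_fn(comp)
        if not stat.S_ISDIR(st.st_mode):
            problems.append(f"{comp}: not a directory")
        if st.st_uid != 0:
            problems.append(f"{comp}: owned by uid {st.st_uid}, must be root")
        if st.st_mode & 0o022:
            problems.append(f"{comp}: writable by group or others")
    return problems

def forced_command_problem(chroot, force_command, exists=os.path.exists):
    """An external ForceCommand binary is looked up inside the chroot after
    login; internal-sftp runs in-process and needs no files there."""
    binary = force_command.split()[0]
    if binary == "internal-sftp":
        return None
    inside = os.path.join(chroot, binary.lstrip("/"))
    return None if exists(inside) else f"{binary} missing inside chroot ({inside})"

def fake_dir(uid, mode):
    return SimpleNamespace(st_uid=uid, st_mode=stat.S_IFDIR | mode)

# Constructed stat tables mirroring the question; uid 1001 for dirtyUser is assumed.
BEFORE = {p: fake_dir(0, 0o755) for p in path_components("/mnt/Backups")}
BEFORE["/mnt/Backups/tmp"] = fake_dir(1001, 0o755)   # dirtyUser:dirtyUsers
AFTER = dict(BEFORE, **{"/mnt/Backups/tmp": fake_dir(0, 0o755)})  # chown root:wheel

if __name__ == "__main__":
    print(chroot_path_problems("/mnt/Backups/tmp", BEFORE.__getitem__))
    print(chroot_path_problems("/mnt/Backups/tmp", AFTER.__getitem__))
    # exists=False models a chroot that holds only user data (assumption)
    print(forced_command_problem("/mnt/Backups/tmp", "/usr/libexec/sftp-server",
                                 exists=lambda p: False))
```

On a live system, call `chroot_path_problems("/mnt/Backups/tmp")` and `forced_command_problem(...)` without the injected arguments so they use the real filesystem.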

0 Answers