Hi,
I configured OpenSSH 5.1p1 as an SFTP server.

Here are the specifications in the sshd_config file:

Subsystem sftp internal-sftp
Match Group sftp
    ForceCommand internal-sftp
    ChrootDirectory /home/%u
    AllowTcpForwarding no

When a user is logged in, he can't upload his document and he receives
this message:

carlo@Music:~$ sftp user@213.217.147.123
Connecting to 213.217.147.123...
user@213.217.147.123's password:
sftp> put prova
Uploading prova to /prova
Couldn't get handle: Permission denied
sftp>

Here are the directory permissions:

[root@sftp-server ~]# ls -la /home/user/
total 24
drwxr-xr-x 6 root sftp 4096 Nov 10 18:05 .
drwxr-xr-x 54 root root 4096 Nov 10 16:48 ..

OK, my user is a member of the sftp group, and the sftp group doesn't have
sufficient permissions to write in the user's home directory.

I added the write permission for the sftp group:

[root@sftp-server ~]# chmod 770 /home/user/
[root@sftp-server ~]# ls -la /home/user/
total 24
drwxrwx--- 6 root sftp 4096 Nov 10 18:05 .
drwxr-xr-x 54 root root 4096 Nov 10 16:48 ..


But now the user can't access:

carlo@Music:~$ sftp user@213.217.145.321
Connecting to 213.217.147.123...
user@213.217.145.321's password:
Read from remote host 213.217.145.321: Connection reset by peer
Couldn't read packet: Connection reset by peer

Here is the error message in /var/log/messages on sftp-server:

Nov 11 11:33:02 sftp-server sshd[10254]: Accepted password for user from 213.217.145.329 port 38685 ssh2
Nov 11 11:33:02 sftp-server sshd[10256]: fatal: bad ownership or modes for chroot directory "/home/user"

I get the same result if I change the ownership of the user's directory:

[root@sftp-server ~]# chown user.sftp /home/user/
[root@sftp-server ~]# ls -la /home/user/
total 24
drwxrwx--- 6 user sftp 4096 Nov 10 18:05 .
drwxr-xr-x 54 root root 4096 Nov 10 16:48 ..

carlo@Music:~$ sftp user@213.217.145.321
Connecting to 213.217.147.123...
user@213.217.145.321's password:
Read from remote host 213.217.145.321: Connection reset by peer
Couldn't read packet: Connection reset by peer

Nov 11 11:38:11 sftp-server sshd[10267]: Accepted password for user from 213.217.145.329 port 39285 ssh2
Nov 11 11:38:11 sftp-server sshd[10269]: fatal: bad ownership or modes for chroot directory "/home/user"

I get the same result if I change the ownership of the user's directory this way:

[root@sftp-server ~]# chown user.root /home/user/

What can I do in order to grant the user access and allow write
permissions in his home directory?

Thanks


--
Carlo Pradissitto

Servizi e Supporto IT

I-WAY S.r.l.
Piazza Caduti di via Fani, 2
03100 Frosinone

Mobile: +393939318571

Tel/Fax: 07751880765

E-mail: c.pradissitto@i-way.it
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@mindrot.org
https://lists.mindrot.org/mailman/li...enssh-unix-dev
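
The "fatal: bad ownership or modes for chroot directory" lines in the log above come from sshd's check that every component of the ChrootDirectory path is a directory owned by root and not writable by group or others. The pre-flight check below is an added example, not part of the original message or of OpenSSH; the function names are made up here and it assumes GNU stat.

```shell
#!/bin/sh
# Constructed example (not from the original post): pre-flight check that
# mirrors sshd's ChrootDirectory rule. Assumes GNU stat ("stat -c").

# component_ok UID MODE: succeeds if a directory with this owner uid and
# octal mode (as printed by "stat -c %a", e.g. 755) passes the rule:
# owned by root (uid 0) and not writable by group or others.
component_ok() {
    [ "$1" -eq 0 ] && [ $(( 0$2 & 022 )) -eq 0 ]
}

# check_chroot_path PATH: tests /, then each deeper component up to PATH.
# Prints every failing component; returns non-zero if any check fails.
# The body runs in a subshell so the IFS change does not leak out.
check_chroot_path() (
    case $1 in /*) ;; *) echo "not an absolute path: $1" >&2; exit 2 ;; esac
    rc=0 cur=
    # Split the path on "/" into positional parameters, "/" itself first.
    IFS=/; set -f; set -- / $1; set +f; unset IFS
    for part in "$@"; do
        [ -n "$part" ] || continue
        if [ "$part" = / ]; then cur=/; else cur="${cur%/}/$part"; fi
        if [ ! -d "$cur" ]; then
            echo "FAIL $cur: not a directory"; rc=1; continue
        fi
        uid=$(stat -c %u -- "$cur") && mode=$(stat -c %a -- "$cur") || {
            echo "FAIL $cur: cannot stat"; rc=1; continue
        }
        if component_ok "$uid" "$mode"; then
            echo "ok   $cur (uid=$uid mode=$mode)"
        else
            echo "FAIL $cur (uid=$uid mode=$mode): must be uid 0, no g+w/o+w"
            rc=1
        fi
    done
    exit "$rc"
)

# Run the check when a path is given on the command line.
if [ "$#" -gt 0 ]; then
    check_chroot_path "$1"
fi
```

Of the three states shown in the message, only root:sftp with mode 755 passes this rule, so a directory the user can write to has to be a subdirectory below the chroot rather than the chroot directory itself.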