gresec-root
New Member
Hello,
I created a user:
useradd -m test
set a new pw
passwd test
stripped it to only allow SFTP and not the shell
usermod --shell /bin/false test
created a group
groupadd sftpusers
added the users to the group
usermod --gid sftpusers test
Edit the sshd config
nano /etc/ssh/sshd_config
Subsystem sftp internal-sftp
Match Group sftpusers
ChrootDirectory %h
X11Forwarding no
AllowTcpForwarding no
PermitTunnel no
AllowAgentForwarding no
ForceCommand internal-sftp
change the home folder of the test user only to root:
sudo chown root:root -R /home/test
sudo chmod 755 -R /home/test
My problem: the test user can see the files .bash_logout, .bashrc, .mkshrc, .profile.
The users in the group should only be bound to the home folder, which worked because I set it in the sshd_config --> ChrootDirectory %h
In the home directory the users should only read files, which also works, and only see the home folder.
I'm not sure why the users see these files?
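An audit of the setup described in the post above, as an added example that is not part of the original post: `useradd -m` copies the skeleton directory (assumed here to be the default /etc/skel) into the new home, which is where dotfiles such as .bash_logout and .profile come from, and sshd requires every component of the ChrootDirectory path to be root-owned and not writable by group or others. The function names are hypothetical.

```shell
#!/bin/sh
# Added example (not from the original post). Function names are hypothetical.
# Assumption: skeleton files come from /etc/skel, the useradd default.

# Print names in HOME that also exist in SKEL, i.e. files that `useradd -m`
# most likely copied into the new home directory.
skel_leftovers() {
    home=$1; skel=${2:-/etc/skel}
    for f in "$skel"/.[!.]* "$skel"/*; do
        [ -e "$f" ] || continue            # unmatched glob stays literal
        name=${f##*/}
        if [ -e "$home/$name" ]; then printf '%s\n' "$name"; fi
    done | sort
}

# Report every component of an absolute chroot path that is not owned by
# uid 0 or is writable by group/others; sshd rejects such a ChrootDirectory.
chroot_path_problems() {
    dir=$1
    case $dir in /*) ;; *) echo "need an absolute path" >&2; return 2 ;; esac
    [ -e "$dir" ] || { echo "$dir: not found" >&2; return 2; }
    while :; do
        ls -ldn "$dir" | {
            read -r mode links uid rest    # e.g. drwxr-xr-x 2 0 0 ...
            case $mode in
                ?????w*|????????w*) echo "$dir: group/world writable" ;;
            esac
            [ "$uid" = 0 ] || echo "$dir: owner uid $uid, not root"
        }
        if [ "$dir" = / ]; then break; fi
        dir=$(dirname "$dir")
    done
}

# Usage: sh audit.sh /home/test
if [ $# -gt 0 ]; then
    skel_leftovers "$1"
    chroot_path_problems "$1"
fi
```

Files reported by `skel_leftovers` can be removed from the chrooted home, or avoided for future accounts by creating them with an empty skeleton directory (`useradd -m -k`).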