Monday, October 8, 2012

lock user to his home directories using chroot

Create chroot directory.

# mkdir /chroot

Create user's home directory, which will be actually '/' directory after user login.

# mkdir -p /chroot/home/pinky

Copy all the files that the user needs including basic commands like 'ls', libraries and /dev files.

# mkdir /chroot/home/pinky/bin
# cp -a /bin/bash /chroot/home/pinky/bin/.
# cp -a /bin/ls /chroot/home/pinky/bin/.
# cp -a /lib64 /chroot/home/pinky/.

Edit /etc/ssh/sshd_config file

ChrootDirectory /chroot/%h

Restart sshd

# service sshd restart
# chkconfig sshd on

Now sshd works with chrooted environment. So when Pinky logins, the directory /chroot/home/pinky will be '/'.
Post a Comment