I followed this article https://www.tecmint.com/restrict-ssh-us ... oted-jail/. I have completed steps 1-4.
When I cat /var/log/secure | egrep webmaster I see successful connections to the server however nothing in relation to the chroot directory. sshd[22528]: Accepted password for webmaster from ip port # ssh2
I added the following lines in /etc/ssh/sshd_config
Code: Select all
#define username to apply chroot jail to
Match User webmaster
#specify chroot jail
ChrootDirectory /var/www/domainname/
Code: Select all
getent passwd | egrep webmaster = webmaster:x:8094:8094::/var/www/domainname/:/bin/bash
Code: Select all
ls -ld /var/www/domainname = drwxr-xr-x. 10 root root 250 Jan 11 11:58 /var/www/domainname
Code: Select all
getenforce = Permissive
Code: Select all
[quote]drwxr-xr-x. 30 root root 4096 Dec 2 13:46 /home/www/
Code: Select all
drwxr-xr-x. 17 root root 4096 Jan 10 21:17 /home
Here are the file permissions in the directory I want webmaster restricted to.
Code: Select all
[quote]drwxr-xr-x. 8 root root 4096 Dec 17 19:37 archive
-rwxr-xr-x. 1 root root 964536 Jan 11 11:00 bash
-rwxr-xr-x. 1 root root 964536 Jan 11 11:01 bin
drwxr-xr-x. 2 root root 33 Jan 11 11:04 etc
drwxr-xr-x. 2 root root 6 Jan 11 11:03 lib64
drwxr-xr-x. 237 root root 12288 Dec 22 15:40 node_modules
crw-rw-rw-. 1 root root 1, 3 Jan 11 10:58 null
-rw-r--r--. 1 root root 545 Dec 22 15:56 package.json
-rw-r--r--. 1 root root 111876 Dec 22 15:40 package-lock.json
drwxr-xr-x. 10 root root 4096 Jan 3 15:18 public_html
crw-rw-rw-. 1 root root 1, 8 Jan 11 10:58 random
drwxr-xr-x. 4 root root 27 Dec 30 12:02 src
crw-rw-rw-. 1 root root 5, 0 Jan 11 10:58 tty
crw-rw-rw-. 1 root root 1, 5 Jan 11 10:58 zero[/quote]