Locking down SFTP user in cygwin

cygwin; permissions; sftp; ssh

I set up a user to ssh to Windows Server 2008 R2.

I was able to change the default directory.

The only piece I could not figure out is how to restrict the user to just that directory.

In other words, I don't want the user to be able to change directory.

Please advise.

EDIT:

This is where I stand:

  • Cygwin Installed
  • User (James) created in windows
  • Group (SftpUser) created in windows
  • SftpUser is not showing in /etc/passwd
  • instead there is some None group which James is a member of
  • I can login with my user
  • cygdrive and dev directories are listed (I do not want this)
  • cygdrive is empty

Here is the scenario

I want James, of the SftpUser group, to be restricted to his upload folder.
The path is on an external drive:

D:\uploads\james_folder\

in cygwin

/cygdrive/d/uploads/james_folder/

I don't mind having the restriction on

/home/james/upload

and then mount the directory in the home path, but it seems cygwin is not bundled with samba.

sshd_config

    Match user james
    ChrootDirectory /home/james/upload/
    ForceCommand internal-sftp

Best Answer

I set up SFTP over cygwin recently and realised that we cannot hide the following directories:

  • /cygdrive
  • /dev

As you may be aware, the /path/to/sftp has to be root-owned and not writeable by any other user or group; you need to update the user id in /etc/passwd to 0 because there is no root concept in Windows.

If you jail the user to a non-cygdrive path (e.g. /sftp), you will only see /cygdrive (nothing will appear under /cygdrive).

If you jail the user to cygdrive (e.g. /cygdrive/d/.../sftp), you will see /cygdrive/d. However, you cannot change to any parent directory if you set it up correctly.

Hope the above information helps!


Please check the following things:

  1. Make sure the user id of the current user logging in (james in your example) in /etc/passwd is zero. This is because cygwin will change the user of all the directories under root to the current user logging in. Please run the ls -l / command to verify.
  2. Make sure /home, /home/james and /home/james/upload are owned by the current user (i.e. equivalent to root-owned with user id 0).
  3. Make sure /etc/sshd_config contains:

    Match user james
    ChrootDirectory /home/james/upload/
    ForceCommand internal-sftp
    
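The three checks in the answer (uid 0 in /etc/passwd, a root-owned and non-writable directory chain, and the Match block) can be scripted. This is an added example, not code from the question or the answer; it assumes GNU stat (which Cygwin's coreutils provides), takes the passwd and sshd_config paths as parameters so copies can be checked, and handles only a literal ChrootDirectory path (no %h or %u tokens).

```shell
# Added example: verify the chroot prerequisites for a Cygwin internal-sftp user.
# Assumes GNU stat; OWNER_UID and TOP are parameters only so the directory walk
# can be exercised on a non-root test tree (on the real host use the defaults).

# Print USER's numeric uid from an /etc/passwd-style file, fail if absent.
passwd_uid() {                      # usage: passwd_uid USER PASSWD_FILE
    awk -F: -v u="$1" '$1 == u { print $3; found = 1 } END { exit !found }' "$2"
}

# Every directory from TOP (default /) down to DIR must be owned by OWNER_UID
# (default 0) and not be group- or other-writable, or sshd refuses the chroot.
check_chroot_chain() {              # usage: check_chroot_chain DIR [OWNER_UID] [TOP]
    local dir owner top p out
    dir=$(cd "$1" && pwd -P) || return 1
    owner=${2:-0}
    top=$(cd "${3:-/}" && pwd -P) || return 1
    p=$dir
    while :; do
        out=$(stat -c '%u %A' "$p") || return 1   # e.g. "0 drwxr-xr-x"
        set -- $out
        if [ "$1" != "$owner" ]; then echo "$p: owner uid $1, want $owner"; return 1; fi
        case $2 in                                # 6th char = group w, 9th = other w
            ?????w*|????????w?) echo "$p: group/other writable ($2)"; return 1 ;;
        esac
        if [ "$p" = "$top" ]; then return 0; fi
        if [ "$p" = / ]; then echo "$top is not above $dir"; return 1; fi
        p=$(dirname "$p")
    done
}

# Print "Directive value" lines of the "Match user USER" block in an sshd_config.
sshd_match_block() {                # usage: sshd_match_block USER SSHD_CONFIG
    awk -v u="$1" '
        tolower($1) == "match" { inblk = (tolower($2) == "user" && $3 == u); next }
        inblk && NF && $1 !~ /^#/  { print $1, $2 }' "$2"
}

# Combined check: passwd uid 0, Match block chroots and forces internal-sftp, chain is sane.
check_sftp_jail() {                 # usage: check_sftp_jail USER PASSWD SSHD_CONFIG [OWNER_UID] [TOP]
    local user=$1 uid blk jail
    uid=$(passwd_uid "$user" "$2") || { echo "$user not in $2"; return 1; }
    if [ "$uid" != 0 ]; then echo "$user has uid $uid in $2, the answer requires 0"; return 1; fi
    blk=$(sshd_match_block "$user" "$3")
    jail=$(printf '%s\n' "$blk" | awk '$1 == "ChrootDirectory" { print $2 }')
    if [ -z "$jail" ]; then echo "no ChrootDirectory in Match block for $user"; return 1; fi
    printf '%s\n' "$blk" | grep -qx 'ForceCommand internal-sftp' \
        || { echo "Match block for $user lacks ForceCommand internal-sftp"; return 1; }
    check_chroot_chain "$jail" "${4:-0}" "${5:-/}"
}
```

On the Cygwin host itself, run `check_sftp_jail james /etc/passwd /etc/sshd_config` with no extra arguments so the walk goes all the way up to / with owner uid 0, which is what sshd enforces.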