I know there are other questions like this and I already read some of them. But it didn't fix my problem. I want to create a user that has sftp access to his home directory only and is not allowed to see files/folders above this directory. He also should be able to run shell commands in this directory (starting a node process, for example).
The sftp access is working so far. The user is restricted to his home directory and can edit/delete files.
I tried to create a symlink sudo ln -s /bin/bash /bin/rbash and it says the file already exists, so I set the user shell to sudo usermod -s /bin/rbash user but if the user logs in via ssh it shows the Ubuntu welcome text and then /bin/rbash: No such file or directory. The same happens if I set the shell to bash.
My sshd_conf looks like this now:
#Subsystem sftp /usr/lib/openssh/sftp-server
Subsystem sftp internal-sftp
# Set this to 'yes' to enable PAM authentication, account processing,
# and session processing. If this is enabled, PAM authentication will
# be allowed through the ChallengeResponseAuthentication and
# PasswordAuthentication. Depending on your PAM configuration,
# PAM authentication via ChallengeResponseAuthentication may bypass
# the setting of "PermitRootLogin without-password".
# If you just want the PAM account and session checks to run without
# PAM authentication, then enable this but set PasswordAuthentication
# and ChallengeResponseAuthentication to 'no'.
UsePAM yes
Match group sftp
ChrootDirectory /home/userdirectory
AllowTcpForwarding no
# ForceCommand internal-sftp
I also tried to create a symbolic link from /bin/bash to /home/userdirectory/bin/bash but then when the user logs in via ssh it says Too many symbolic links.
I copied /bin/bash to /home/userdirectory/bin/bash and it says no such file or directory.
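
A check for what a shell needs inside a ChrootDirectory, as an added example that is not part of the original post: a dynamically linked binary copied into a chroot also needs its dynamic loader and shared libraries at the same paths under the chroot, and exec reports "No such file or directory" when the loader is absent. The function names are hypothetical; the script assumes `ldd` is available and is only run on trusted system binaries.

```bash
#!/bin/sh
# Added example, not from the original post. Function names are hypothetical.
# Usage with the paths from the question (run as root):
#   missing_in_chroot /home/userdirectory /bin/bash
#   populate_chroot   /home/userdirectory /bin/bash

# Print every file needed to exec the binary: the binary itself,
# its dynamic loader and its shared libraries (absolute host paths).
chroot_deps() {
    dep_bin=$1
    printf '%s\n' "$dep_bin"
    # ldd prints "name => /path (addr)" for libraries and "/path (addr)"
    # for the loader; keep the first absolute path on each line.
    # Only run ldd on trusted binaries.
    { ldd "$dep_bin" 2>/dev/null || true; } |
        awk '{ for (i = 1; i <= NF; i++) if ($i ~ /^\//) { print $i; break } }'
}

# Print the dependencies that do not exist under the chroot.
# Returns 1 if anything is missing, 0 if the binary can be loaded.
missing_in_chroot() {
    chk_root=$1
    chk_rc=0
    for f in $(chroot_deps "$2" | sort -u); do
        [ -e "$chk_root$f" ] || { printf '%s\n' "$f"; chk_rc=1; }
    done
    return $chk_rc
}

# Copy the binary and its dependencies into the chroot at the same
# relative paths. cp -L copies the target of a symlink, not the link,
# so nothing inside the chroot points outside it.
populate_chroot() {
    pop_root=$1
    for f in $(chroot_deps "$2" | sort -u); do
        mkdir -p "$pop_root$(dirname "$f")"
        cp -L "$f" "$pop_root$f"
    done
}
```

Files copied this way are not updated by the package manager, so they have to be refreshed after security updates to the shell or libc.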