Then I did:

And now I could create a directory and delete it but I was not able to edit it because it was being created without group writable permissions.

sudo chown netdrive:netdrive /home/netdrive/writable/

Because the netdrive user was still not able to write in that /home/netdrive/writable/ directory despite owning the folder and having the permissions.

The following did NOT work for me:

sudo mkdir /home/netdrive/writable/

You should probably not execute the following paragraphs:

After looking at the above solutions (and many others on the net which even used acl (access control lists)) I was still not able to get it working because what I did next was:
Now I am going to explain below the problems I had: The repeated /home/netdrive/home/netdrive/ directory structure is what made it work for me in having a clean chroot ssh writable solution. When accessing using sshfs with the netdrive user because of chroot configuration I would only see things stored inside server's /home/netdrive/ directory, perfect.
I was able to create/delete/edit/rename files/folders without problems. Note that I have only writable permissions to the user, not to the group as many other solutions online. That was it, it worked without any further changes.

sudo chmod 755 /home/netdrive/home/netdrive/

sudo chown netdrive:netdrive /home/netdrive/home/netdrive/

What I had to do to get a writable folder:

sudo mkdir -p /home/netdrive/home/netdrive/

Ok so after all this I was able to connect using sshfs but in read only mode.

I edited /etc/ssh/sshd_config to include:

Match User netdrive

Changed home directory owner and permissions:

sudo chown root:root /home/netdrive/

Then edited /etc/passwd and made sure it has /bin/false for the user so the line was:

netdrive:x:1001:1004:Net Drive User,:/home/netdrive:/bin/false

And here is how I got it working:

First I created a user:

sudo useradd netdrive

I wanted to lock the user so that it would not be able to navigate through the whole file system, no ssh login access and I wanted to have write access to the network share. I spent the whole day trying to get a network share on my raspberry.

Here is the ls -h /home output:

drwxr-xr-x 26 oli oli 4096 17:19 oli

I'm not entirely sure what's going on there, but it suggests something is wrong with the user directory.

May 9 14:45:48 nj sshd: pam_unix(sshd:session): session closed for user bob
May 9 14:45:48 nj sshd: fatal: bad ownership or modes for chroot directory component "/home/bob/"

Okay so I just had a look at /var/log/auth.log and saw this:

May 9 14:45:48 nj sshd: pam_unix(sshd:session): session opened for user bob by (uid=0)

What am I doing wrong? How can I limit bob to /home/bob/? I have explicitly tried ChrootDirectory /home/bob but that doesn't work either. I have found that ChrootDirectory /home works, but it still gives them access to any home directory. If I comment out the ChrootDirectory line I can SFTP in but then they have free rein over the server.
When I try to log in as them, here's what I see:

$ sftp password:
Couldn't read packet: Connection reset by peer

I've also changed the /etc/ssh/sshd_config to include the following:

Match Group sftponly

Here is their /etc/passwd line:

bob:x:1001:1002::/home/bob:/bin/false

I've changed their shell to /bin/false to stop SSH logins.
I've created a user called bob and added him to a new group called sftponly. I will bind-mount in any files I want them to be able to see. I want to give a client access to my server, but I want to limit those users to their home directories.
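
Added example, not part of the original posts: a pre-flight check for the "bad ownership or modes for chroot directory component" error quoted above, applying the sshd_config(5) rule that every component of ChrootDirectory must be a root-owned directory not writable by group or others. The function names, the `stat_fn` parameter and the sample layout are assumptions made for illustration; the sample ownerships are constructed from the two setups described on this page.

```python
import os
import stat
from collections import namedtuple

# Stand-in for os.stat_result so the constructed sample runs without root.
FakeStat = namedtuple("FakeStat", "st_uid st_mode")

def chroot_components(path):
    """Yield '/', '/home', '/home/bob', ... for an absolute path."""
    path = os.path.normpath(path)
    if not os.path.isabs(path):
        raise ValueError("ChrootDirectory must be an absolute path")
    current = "/"
    yield current
    for part in filter(None, path.split("/")):
        current = os.path.join(current, part)
        yield current

def audit_chroot(path, stat_fn=os.stat):
    """Return (component, problem) pairs that would make sshd refuse the chroot."""
    problems = []
    for comp in chroot_components(path):
        try:
            st = stat_fn(comp)
        except OSError as exc:
            problems.append((comp, f"cannot stat: {exc.strerror}"))
            continue
        if not stat.S_ISDIR(st.st_mode):
            problems.append((comp, "not a directory"))
        if st.st_uid != 0:
            problems.append((comp, f"owned by uid {st.st_uid}, must be root"))
        if st.st_mode & 0o022:
            mode = stat.S_IMODE(st.st_mode)
            problems.append((comp, f"mode {mode:04o} is group/other writable"))
    return problems

# Constructed sample: a user-owned home (fails) beside a root-owned chroot
# that holds a user-owned writable subfolder (passes).
D = stat.S_IFDIR
SAMPLE = {
    "/": FakeStat(0, D | 0o755),
    "/home": FakeStat(0, D | 0o755),
    "/home/bob": FakeStat(1001, D | 0o755),
    "/home/netdrive": FakeStat(0, D | 0o755),
    "/home/netdrive/home": FakeStat(0, D | 0o755),
    "/home/netdrive/home/netdrive": FakeStat(1001, D | 0o755),
}

if __name__ == "__main__":
    for target in ("/home/bob", "/home/netdrive"):
        print(target, audit_chroot(target, SAMPLE.__getitem__) or "OK")
```

Calling `audit_chroot("/home/bob")` with the default `stat_fn` checks the live filesystem; only the chroot path itself and its parents are inspected, so a user-owned writable folder below the chroot does not trip the check.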