Results 1 to 4 of 4

Thread: Chroot SFTP users cannot logon with WinSCP

  1. #1
    Join Date
    Dec 2012

    Chroot SFTP users cannot logon with WinSCP

    I can logon with WinSCP using my username that I have set up for Ubuntu on my home server and access everything I need to. But when I follow this guide (and several others) I get
    Authenticating with pre-entered password...
    Access denied.

    Here's my SSHD config, what's wrong? I'm bashing my head up against a wall here...

    # What ports, IPs and protocols we listen for
    Port 22
    # Use these options to restrict which interfaces/protocols sshd will bind to
    #ListenAddress ::
    Protocol 2
    # HostKeys for protocol version 2
    HostKey /etc/ssh/ssh_host_rsa_key
    HostKey /etc/ssh/ssh_host_dsa_key
    HostKey /etc/ssh/ssh_host_ecdsa_key
    #Privilege Separation is turned on for security
    UsePrivilegeSeparation yes

    # Lifetime and size of ephemeral version 1 server key
    KeyRegenerationInterval 3600
    ServerKeyBits 768

    # Logging
    SyslogFacility AUTH
    LogLevel INFO

    # Authentication:
    LoginGraceTime 120
    PermitRootLogin yes
    AllowUsers user
    StrictModes yes

    RSAAuthentication yes
    PubkeyAuthentication yes
    #AuthorizedKeysFile %h/.ssh/authorized_keys

    # Don't read the user's ~/.rhosts and ~/.shosts files
    IgnoreRhosts yes
    # For this to work you will also need host keys in /etc/ssh_known_hosts
    RhostsRSAAuthentication no
    # similar for protocol version 2
    HostbasedAuthentication no
    # Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication
    #IgnoreUserKnownHosts yes

    PermitEmptyPasswords no

    ChallengeResponseAuthentication no

    # Change to no to disable tunnelled clear text passwords
    PasswordAuthentication yes

    X11Forwarding no
    X11DisplayOffset 10
    PrintMotd no
    PrintLastLog yes
    TCPKeepAlive yes
    #UseLogin no

    #MaxStartups 10:30:60
    #Banner /etc/

    Subsystem sftp internal-sftp

    UsePAM no

    Match group sftp
    ChrootDirectory /(directory)/(directory)
    ForceCommand internal-sftp
    X11Forwarding no
    AllowTcpForwarding no
    Last edited by ogenrwot; January 15th, 2013 at 08:37 PM.

  2. #2
    Join Date
    Dec 2012

    Re: Chroot SFTP users cannot logon with WinSCP

    It was a permissions issue with OpenSSH. Needed to be set to 755 instead of 775. I'm still trying to figure out how to put flies into their directory so they can access them but for now this is solved.

  3. #3
    Join Date
    May 2009
    The Netherlands
    Ubuntu 14.10 Utopic Unicorn

    Re: Chroot SFTP users cannot logon with WinSCP

    Even though this is an old thread, I posted a video on YouTube demonstrating this in under 3 minutes:

  4. #4
    Join Date
    Feb 2008
    Mine goes to 11

    Re: Chroot SFTP users cannot logon with WinSCP

    Doing it in under 3 minutes in a video will scare most (new) users.

    Slow down the video...?

    But otherwise, good job.
    And I ain't even got a garage, you can call home and ask my wife!

Tags for this Thread


Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts