Is it fair to jail my SFTP users to their home directory?
I'm running an Ubuntu 9.04 (home) Server on my LAN. I currently use it to store little web apps, photos, some Subversion repositories and stuff like that. My (few) users are friends of mine and I always provided them with a jailed FTP access to their home directory. Now, recently I realised that FTP is not so secure since passwords are not masked when the connection is established and thus are easily sniffable.
I decided to solve this problem using SFTP but there is an issue that keeps me wondering and I need your opinion about it.
Using SFTP, the access to the filesystem depends on the SSH settings. So to jail users to their home directory for SFTP I have to jail them too when they use SSH. My question is: is this a desirable configuration? Is it not a limitation on a UNIX user's common-sense privileges?
There is a secondary issue: is there a straightforward way to accomplish that under Ubuntu 9.04 Server?
Thank you, Tommaso
Solution 1:
Chrooting users using ssh is not a desirable configuration in most cases. When they're jailed into their home dir, they won't be able to use any programs outside their home dir. This makes Unix almost unusable as a shell server.
You can use FTPS instead of SFTP/SCP, which will send passwords over SSL, but uses an ssh server, allowing you to chroot them for file transfer, but not for login (although little is gained if you only chroot their file transfers, and they will still be able to scp data from the machine).
Solution 2:
If they already have unjailed ssh access then there would be nothing to gain by restricting sftp even if you could do it.
Sure, there was a good reason to chroot the ftp server, but if I already have ssh access to the full machine there's no added security risk to me having sftp access.
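On the secondary question of a straightforward setup, here is an added example that is not part of the original posts, assuming an OpenSSH server that supports `Match`, `ChrootDirectory` and `internal-sftp`. The constructed config jails only the members of one group to SFTP while other accounts keep a normal shell, and the script flags `Match` blocks where that jail is incomplete; the group names, paths and the three checks are assumptions chosen for illustration.

```python
import re

# Constructed sample; group names and paths are assumptions, not from the page.
SAMPLE_CONFIG = """\
Subsystem sftp internal-sftp

# File-transfer-only accounts: jailed to their home, no shell, no forwarding.
Match Group sftponly
    ChrootDirectory %h
    ForceCommand internal-sftp
    AllowTcpForwarding no

# Meant to be jailed, but still gets a shell and port forwarding.
Match Group uploads
    ChrootDirectory /srv/uploads/%u
"""

# Checks chosen for this example: what an SFTP-only jail needs in each block.
REQUIRED = {
    "chrootdirectory": lambda v: v.lower() != "none",
    "forcecommand": lambda v: v.split()[:1] == ["internal-sftp"],
    "allowtcpforwarding": lambda v: v.lower() == "no",
}

def parse_match_blocks(text):
    """Return {match criteria: {keyword: value}} for every Match block."""
    blocks, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = re.split(r"[\s=]+", line, maxsplit=1)
        keyword = parts[0].lower()
        value = parts[1] if len(parts) > 1 else ""
        if keyword == "match":
            # "Match all" returns to global scope, so it is not a jail block.
            current = None if value.lower() == "all" else blocks.setdefault(value, {})
        elif current is not None:
            current.setdefault(keyword, value)  # sshd keeps the first value seen
    return blocks

def audit(text):
    """Map each Match block to the jail settings it is missing or has wrong."""
    return {
        criteria: sorted(k for k, ok in REQUIRED.items()
                         if k not in opts or not ok(opts[k]))
        for criteria, opts in parse_match_blocks(text).items()
    }
```

sshd refuses the login unless the chroot directory and every parent directory are owned by root and not writable by group or others, so with `%h` each user needs a writable subdirectory inside the home.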