• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer navigation

The Geek Diary

  • OS
    • Linux
    • CentOS/RHEL
    • Solaris
    • Oracle Linux
    • VCS
  • Interview Questions
  • Database
    • oracle
    • oracle 12c
    • ASM
    • mysql
    • MariaDB
  • DevOps
    • Docker
    • Shell Scripting
  • Big Data
    • Hadoop
    • Cloudera
    • Hortonworks HDP

How to setup a chroot ssh/sftp for specific users in Solaris 10

by admin

The patches 148104-16 (Sparc) and 148105-16 (x86) and newer versions of these patches have introduced a new sshd_config keyword “Match” which can be used to restrict chroot setups to specific users, groups or other selection criteria.

This example will only work if you have installed the required patches mentioned earlier. You can use the command “showrev -p | grep 148104” (or 148105 in case of x86) to check and ensure that the revision -16 or newer is available.

This example will setup a chroot environment for the testuser without affecting other users. Note that the Match keyword has to be add the end of the sshd_config file and all lines following one Match clause belong together until either a new Match block starts or the end of the file has been reached.

1. Create the target chroot environment by using the ftpconfig command:

# mkdir /export/home/chroot
# ftpconfig -d /export/home/chroot/testuser
Creating directory /export/home/chroot/testuser
Updating directory /export/home/chroot/testuser

2. Create the user and assign a password:

# useradd -d /export/home/chroot/testuser testuser
# passwd testuser
New Password:
Re-enter new Password:
passwd: password successfully changed for testuser

3. Add the following chroot configuration line to the file /etc/ssh/sshd_config

# vi /etc/ssh/sshd_config
Match User testuser
ChrootDirectory /export/home/chroot/testuser

Be sure that the configuration is at the end of the sshd_config file.

4. Restart the ssh service to activate the configuration change:

# svcadm restart ssh
How to setup a chroot ssh/sftp in Solaris 10

Filed Under: Solaris

Some more articles you might also be interested in …

  1. Solaris : How to start syslogd in debug mode
  2. How to update the boot_archive for ZFS root in Solaris
  3. Solaris 11 IPS pkg Command Examples
  4. Solaris : How to create processor set (pset) and associate it with a pool
  5. Solaris Volume Manager (SVM) : How to Use Mirrors to Roll Back System Changes
  6. Solaris ZFS : How to Designate Hot Spares in a Storage Pool
  7. How To Determine Approximate Solaris Crash Dump File Size Requirements
  8. Examples of adding static routes in Solaris
  9. Solaris Performance troubleshooting : Disk (I/O) performance issues
  10. Script for finding the process using a specific port in Solaris

You May Also Like

Primary Sidebar

Recent Posts

  • What are /dev/zero and /dev/null files in Linux
  • grpck command – Remove corrupt or duplicate entries in the /etc/group and /etc/gshadow files.
  • xxd command – Expressed in hexadecimal form
  • sesearch: command not found

© 2022 · The Geek Diary

  • Archives
  • Contact Us
  • Copyright