From 0923396f69f4986ae5a021422ce2bedb4a52db7f Mon Sep 17 00:00:00 2001 From: ghaymah_dev Date: Thu, 4 Sep 2025 14:27:40 +0000 Subject: [PATCH] Add readme.md --- readme.md | 63 +++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 63 insertions(+) create mode 100644 readme.md diff --git a/readme.md b/readme.md new file mode 100644 index 0000000..0f8c9e8 --- /dev/null +++ b/readme.md @@ -0,0 +1,63 @@ +# SSH Chroot Jail Setup Script + +A robust Bash script to create a chroot jail environment for SSH/SFTP users, restricting them to a specific directory on your Linux system. + +## 📖 Overview + +This script automates the process of creating a secure chroot jail environment for SSH/SFTP users, limiting their access to only specified directories. This is particularly useful for: + +- Web server file management +- Secure file transfers +- Restricting user access to specific application directories +- Compliance with security policies + +## ✨ Features + +- Creates complete chroot jail environment +- Sets up necessary device files and libraries +- Configures SSHd for chroot access +- Supports both SSH and SFTP access modes +- Customizable jail directory location +- Optional basic command inclusion (ls, date, mkdir) + +## 🛠️ Prerequisites + +- Linux system (tested on Ubuntu/CentOS) +- Bash shell +- Root/sudo access +- SSH server installed + +## 📦 Installation + +1. Clone or download the script to your server +2. Make the script executable: + ```bash + chmod +x create_chroot_user.sh + ``` +## Basic Usage + + +``` +sudo ./create_chroot_user.sh +``` + +for the user, they have to do, and enter the password configured above + +``` +sftp -v user@host +``` + +## 🔒 Security Notes + +1. The jail directory and its subdirectories must be owned by root +2. Users should not have write access to the jail structure itself +3. Regularly update the passwd/group files in the jail if system users change +4. Consider using key-based authentication for additional security + + + +# Reference + +https://www.tecmint.com/restrict-ssh-user-to-directory-using-chrooted-jail/ + +