SFTP Folder Problem

[DoulosGeek]

FreeNAS-9.3-STABLE-201412142326

I have TLS enabled, and "Always Chroot" checked. When I connect via standard FTP the user can only see his own Home Directory. Yet when I connect using SFTP the user can backtrack ALL THE WAY UP TO THE ROOT of the ZFS Volume.

What am I doing wrong here?

 

[cyberjock]

SFTP isn't actually FTP in the common sense. Do not confuse the two. SFTP uses SSH while FTP uses FTP (which is handled by proftp).

 

[DoulosGeek]

Is there a way to configure SFTP to behave similarly then? To limit the logged in user to his/her own home directory?

 

[dlavigne]

See http://doc.freenas.org/9.3/freenas_services.html#scp-only.

 

[DoulosGeek]

I set the user as scponly, yet the user can still login via SFTP and can still browse all the way to root.

 

[dlavigne]

Which application are they using? e.g. sftp on a Unix system or something else?

 

[DoulosGeek]

Filezilla FTP Client on Windows 7.

 

[dlavigne]

It looks like the warning we had in previous docs still applies, even though the configuration is now simpler. I'll add it back to the 9.3 docs:

NOTE: some utilities such as WinSCP can bypass the chroot. This section assumes that users are accessing the chroot using the command line sftp.