Thread: Lock users in their home directory

Hi,

i have a private hosting company and i will have much users on my dedicated server, when i do adduser command and add an user he can go to all directorys.
How i can lock him in his home-directory?

Example:

User: Max

He only can stay in /home/Max not /home !

Much people say with chroot, but i don't know how to use it.

For SSH / SFTP use ChrootDirectory directive. See

• OpenSSH SFTP chroot() with ChrootDirectory
• Chroot in OpenSSH
• See the man page (Manual Pages: sshd_config(5) for more info.

ChrootDirectory
Specifies the pathname of a directory to chroot(2) to after
authentication. All components of the pathname must be root-
owned directories that are not writable by any other user or
group. After the chroot, sshd(8) changes the working directory
to the user's home directory.

The pathname may contain the following tokens that are expanded
at runtime once the connecting user has been authenticated: %% is
replaced by a literal '%', %h is replaced by the home directory
of the user being authenticated, and %u is replaced by the
username of that user.

The ChrootDirectory must contain the necessary files and
directories to support the user's session. For an interactive
session this requires at least a shell, typically sh(1), and
basic /dev nodes such as null(4), zero(4), stdin(4), stdout(4),
stderr(4), arandom(4) and tty(4) devices. For file transfer
sessions using ``sftp'', no additional configuration of the
environment is necessary if the in-process sftp server is used,
though sessions which use logging do require /dev/log inside the
chroot directory (see sftp-server(8) for details).

The default is not to chroot(2).