Since version 4.8, OpenSSH supports chrooting (see http://openssh.org/txt/release-4.8), so no patches are needed anymore. This tutorial describes how to give users chrooted SSH access. With this setup, you can give your users shell access without having to fear that they can see your whole system. Your users will be jailed in a specific directory which they will not be able to break out of. I will also show how to use chrooted SFTP.
The above is from howtoforge but it doesnt work. My tutorial and script actually works and allows access to only the users home directory and not the entire home directory where they can see other users. This is a full chroot jail for SSH/SCP/ and SFTP access to ones own directory.
Login to shell as root and run the following to make sure you have everything:
apt-get install ssh openssh-server sudo debianutils coreutils
Now open up your SSH config file
nano /etc/ssh/sshd_config
Scroll to the bottom and make sure to add the following and comment out the second line
Subsystem sftp internal-sftp
#Subsystem sftp /usr/lib/openssh/sftp-server
Now at the bottom add the following making sure the user you are chrooting is replaced in the lines where it says USER
UseDNS no
AllowUsers USER
Match User USER
PasswordAuthentication yes
ChrootDirectory /home/%u
AllowTCPForwarding no
X11Forwarding no
Match
Now restart SSH
service ssh restart
Now download the script and install the libraries for the user:
cd /usr/local/sbin wget http://www.devcu.com/apps/make_chroot_jail.sh chmod 700 /usr/local/sbin/make_chroot_jail.sh
Remember to replace the word USER below with the actual user and edit the home directory accordingly.
make_chroot_jail.sh USER /bin/bash /home/USER
Answer the questions, yes, yes and then you are done.
Login to the account to test and you will see the user can only access their own directory via SSH/SCP and SFTP
