sFTP setup, what's missing?

I installed a new virtual server, SLES 11.2 64bit to work as a sFTP server for a local community. But I’ve done something wrong and need help.

The server system is installed with LVM on both the OS disk and also a second disk where the /sftp is mounted.

sshd_config is edited with these lines:

Subsystem sftp internal-sftp

and on the last rows:

Match group sftpgroup
ForceCommand internal-sftp
ChrootDirectory /home/%u
AllowTCPForwarding no
X11Forwarding no

Reloaded sshd with rcsshd reload.

Then I created a group called “sftpgroup” and a folder structure for the chrooted sftp service.
mkdir -p /sftp/chroot
chmod 750 /sftp/chroot
chown root:sftpgroup /sftp/chroot

Created a user restricted to the group sftpgroup but without shell (/bin/false)

When I try to access the sftpserver with testuser@sftpserver I get:
“couldn’t read packet: connection reset by peer”

the /var/log/messages on server says:
“fatal:bad ownership or modes for chroot directory /path”

What is missing/wrong?


It appears that in the past few days you have not received a response to your
posting. That concerns us, and has triggered this automated reply.

Has your issue been resolved? If not, you might try one of the following options:

Be sure to read the forum FAQ about what to expect in the way of responses:

If this is a reply to a duplicate posting, please ignore and accept our apologies
and rest assured we will issue a stern reprimand to our posting bot.

Good luck!

Your SUSE Forums Team