Linode Forum
Linode Community Forums
Posted: Sat Feb 02, 2013 3:10 am
Newbie

Joined: Sat Feb 02, 2013 2:53 am
Posts: 4
I am trying to share a WordPress directory for an unknown developer who can upload files and edit things, so I decided to make a user account for him with SFTP access, but ran into problems.

I created the user with "adduser testuser --home /srv/www/mysite.com/public_html/wordpress", as obviously I want to put his home dir only in my WordPress installation dir.

Afterwards I edited sshd_config in /etc/ssh and added

"Match user testuser
ChrootDirectory /srv/www/mysite.com/public_html/wordpress
ForceCommand /usr/lib/openssh/sftp-server
"

And after restarting ssh to load the config changes, I try to log in with an sftp client and just get disconnected after logon.

auth.log from /var/log shows this

"fatal: bad ownership or modes for chroot directory component "/ srv/"
"

after being disconnected


Posted: Sat Feb 02, 2013 3:34 am
Senior Member

Joined: Sun Mar 07, 2010 7:47 pm
Posts: 1970
Website: http://www.rwky.net
Location: Earth
The directory above the chrooted directory needs to be owned by root.

Posted: Sat Feb 02, 2013 3:55 am
Newbie

Joined: Sat Feb 02, 2013 2:53 am
Posts: 4
Still problems

I have set ownership to root with

"chown root /srv/www/mysite.com/public_html/wordpress"

as well as

"chown root /srv/www/mysite.com/public_html"

And I still get from auth.log "bad ownership or modes for chroot directory component "/srv/www/mysite.com/public_html/"

Surprisingly, it doesn't throw "bad ownership or modes for chroot directory component "/ srv/" as before, though.


Posted: Sat Feb 02, 2013 4:39 am
Newbie

Joined: Sat Feb 02, 2013 2:53 am
Posts: 4
OK, some more updates on the problems, if hopefully someone cares.

After logging on to sftp via shell I was getting "Write failed: Broken pipe
Couldn't read packet: Connection reset by peer"

So being desperate I decided to google some more...

I tried the method suggested here - http://jayeshjayan.com/chrooted-sftp-fa ... component/

And basically what I did is

# chmod 755 /srv/www/mysite.com/public_html/wordpress

# chown root:root /srv/www/mysite.com/public_html/wordpress

And doing the same for every directory above, all the way from /srv/www/mysite.com/public_html/wordpress to /srv

Now I don't get Broken pipe after trying to log in via sftp, but this (after using sftp verbose output)

debug1: Authentication succeeded (password).
debug2: fd 4 setting O_NONBLOCK
debug1: channel 0: new [client-session]
debug2: channel 0: send open
debug1: Requesting no-more-sessions@openssh.com
debug1: Entering interactive session.
debug2: callback start
debug2: client_session2_setup: id 0
debug1: Sending environment.
debug1: Sending env LANG = en_US.UTF-8
debug2: channel 0: request env confirm 0
debug1: Sending subsystem: sftp
debug2: channel 0: request subsystem confirm 1
debug2: fd 3 setting TCP_NODELAY
debug2: callback done
debug2: channel 0: open confirm rwindow 0 rmax 32768
debug2: channel_input_status_confirm: type 100 id 0
subsystem request failed on channel 0
Couldn't read packet: Connection reset by peer


Posted: Sat Feb 02, 2013 4:56 am
Newbie

Joined: Sat Feb 02, 2013 2:53 am
Posts: 4
And finally...

The last thing I had to fix was changing sshd_config to replace

"Subsystem sftp /usr/lib/sftp-server" and "ForceCommand /usr/lib/sftp-server"

to

"Subsystem sftp internal-sftp" and "ForceCommand internal-sftp"

After hours of pain with this, I am finally on top of the mountain; hopefully it helps someone else who might have a similar issue.
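
The rule behind the auth.log error in this thread, as an added example that is not part of any post: sshd requires every component of the ChrootDirectory path, from / down to the directory itself, to be a root-owned directory that is not writable by group or others. The function names, the sample tree and its uid/mode values are constructed for illustration.

```python
import os
import stat
import sys
from types import SimpleNamespace

def components(path):
    """Yield /, /srv, /srv/www, ... ending with the chroot directory itself."""
    if not path.startswith("/"):
        raise ValueError("ChrootDirectory must be absolute")
    current = "/"
    yield current
    for part in filter(None, path.split("/")):
        current = os.path.join(current, part)
        yield current

def audit_chroot(path, stat_fn=os.stat):
    """Return (component, problem) pairs for every component failing the rule."""
    problems = []
    for comp in components(path):
        try:
            st = stat_fn(comp)
        except OSError as exc:
            problems.append((comp, f"cannot stat: {exc}"))
            break  # nothing below a missing component can be checked
        if not stat.S_ISDIR(st.st_mode):
            problems.append((comp, "not a directory"))
            break
        if st.st_uid != 0:
            problems.append((comp, f"owned by uid {st.st_uid}, not root"))
        if st.st_mode & 0o022:  # group-write or other-write bit set
            mode = stat.S_IMODE(st.st_mode)
            problems.append((comp, f"group/other writable (mode {mode:04o})"))
    return problems

# Constructed sample tree (owner uid, mode); not taken from a real host.
SAMPLE = {
    "/": (0, 0o755), "/srv": (0, 0o755), "/srv/www": (0, 0o755),
    "/srv/www/mysite.com": (0, 0o755),
    "/srv/www/mysite.com/public_html": (1001, 0o775),
    "/srv/www/mysite.com/public_html/wordpress": (0, 0o755),
}

def sample_stat(path):
    """Stand-in for os.stat that answers from SAMPLE."""
    if path not in SAMPLE:
        raise FileNotFoundError(path)
    uid, mode = SAMPLE[path]
    return SimpleNamespace(st_uid=uid, st_mode=stat.S_IFDIR | mode)

if __name__ == "__main__":
    target = sys.argv[1] if len(sys.argv) > 1 else None
    found = audit_chroot(target) if target else audit_chroot(
        "/srv/www/mysite.com/public_html/wordpress", sample_stat)
    for comp, problem in found:
        print(f"{comp}: {problem}")
```

Given a path argument, the script audits the real filesystem; with none, it runs against the constructed sample tree.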

