Hi all. I'm working on setting up an ssh server that will have restricted availability. I have decided to run the server as follows:
Configure the sshd_config file for the standard users (AllowUsers will be used to explicitly declare users and will exclude the sudo user). I want this to be configured to a ChrootDirectory. Within the chroot directory these users will only have either the rssh or scponly shell (as they will be running either WinSCP or SftpDrive to access it) and will not need, nor be allowed, command access. DSA key authentication with password set to no. X forwarding, gateways, etc.: no. It will function purely as central remote file storage. At the end I will use either Match Host or Match Address to accommodate the sudo user. This will restrict the address for the sudo user. Under this Match clause it will have no ChrootDirectory, and other options specific to the sudo user. This will be in place to allow for a separation of the userspace from the / dir. Other security which is not relevant to this question will be in place, such as iptables, hosts.*, denyhosts, firewall, selinux, etc.
The main area I am having much difficulty with is how to establish the chroot directory. I wish this directory to reside within its own partition, preferably on the secondary drive. I will allocate enough space and enable quotas to help in management of the disk usage. However, reading the man page tells me that I will have to move any files required for the users into the chroot directory. This is where the help is needed.
I have the partition allocated, but don't have any directory structure set up or files allocated. The mount point will likely be a directory off of / somewhere for the partition. Within that mount point is where I want the chroot to reside. (The partition is currently mounted at /chsshrd.)
Can someone please help me to establish the necessary directory structure and files? I know I wish to have a private directory for each user (permissions set to the user only) with the ability for them to add/remove directories within their private directory. I also wish to have a shared common directory (Public) with the ability to add/remove directories (sticky bit, though, so only the owner can edit or remove their own content). Permissions here also will be set on the Public directory, and each directory and file recursively below it should inherit permissions from the Public parent. These should reflect *rw-r--r-t (no executables or binaries should exist within the chroot accessible to users).
I know this seems kind of vague on the intended setup, but the ultimate goal is to have a separation of the standard users from the core system, and to restrict the available access location of the sudo user, because sudo will not be in the chroot. Can this be done? If so, what files/structures should exist within /chsshrd?
I appreciate any help I can get with this. I've considered the other options, such as dual sshds running or a VM, but weighing the work necessary against the security needed, I feel that the level of security that will exist is adequate to meet the risk assessment. I feel this option should provide the separation I need. Again, other measures will be in place ahead of this server that will assist in protecting it from attack. It's not foolproof or even fancy, but it meets the needs I have.
Thanks so much for helping me with this, and with the learning process in general!!!
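The following is an added worked example, not part of the original post or of any reply to it. It builds the directory tree the question asks about and prints a matching sshd_config fragment. It assumes OpenSSH's built-in `internal-sftp` subsystem rather than rssh or scponly: because the SFTP server then runs inside sshd itself, no shells, binaries or libraries have to be copied into the chroot, which is exactly the "no executables inside the chroot" property the post wants (WinSCP and SftpDrive both speak SFTP). Two OpenSSH rules shape the layout: the ChrootDirectory and every path component above it must be owned by root and not group- or world-writable, or sshd refuses the login, so the chroot root itself cannot be the users' writable area; and after the chroot the login home directory is resolved inside it, so the /etc/passwd home of user alice should be /home/alice, which lands in /chsshrd/home/alice. Directories also need the execute bit to be traversable, so the modes used here are 0700 for private directories and 1777 (sticky) for Public. The user names alice, bob and admin, the group sftpusers and the address 192.0.2.10 are placeholders.

```shell
#!/bin/sh
# Added example (not from the original post): lay out an SFTP-only chroot and
# emit the sshd_config that goes with it. Assumes OpenSSH internal-sftp.
# Placeholders: users alice/bob/admin, group sftpusers, address 192.0.2.10.

# build_chroot ROOT USER... : create ROOT, ROOT/home/USER (private, 0700) and
# ROOT/Public (shared, sticky 1777). Nothing executable is placed in the tree.
build_chroot() {
    root=$1; shift
    # ROOT and its parents must be root-owned and not group/world writable,
    # otherwise sshd logs "bad ownership or modes for chroot directory".
    mkdir -p "$root/home" "$root/Public"
    chmod 0755 "$root" "$root/home"
    # Shared area: anyone can create entries; the sticky bit means only the
    # owner of an entry (or root) can rename or remove it.
    chmod 1777 "$root/Public"
    for u in "$@"; do
        mkdir -p "$root/home/$u"
        chmod 0700 "$root/home/$u"
        # Ownership can only be set as root and only if the account exists;
        # the mode is set regardless so the layout can be built unprivileged
        # for inspection (as in the test below).
        if [ "$(id -u)" -eq 0 ] && id "$u" >/dev/null 2>&1; then
            chown "$u" "$root/home/$u"
        fi
    done
}

# mode_of PATH : symbolic mode as ls shows it (first 10 chars), e.g. drwxrwxrwt.
# Using ls rather than stat keeps this portable between GNU and BSD userlands.
mode_of() {
    ls -ld "$1" | cut -c1-10
}

# sshd_config_fragment : global hardening plus the Match block for the
# restricted group. The admin account is not in sftpusers, so it gets no
# chroot; the user@host form of AllowUsers pins it to one source address
# (the post's alternative, a Match Address block, also works).
sshd_config_fragment() {
    cat <<'EOF'
Subsystem sftp internal-sftp
PasswordAuthentication no
X11Forwarding no
AllowUsers alice bob admin@192.0.2.10

# Restricted file-storage users: chrooted, SFTP only, no forwarding.
Match Group sftpusers
    ChrootDirectory /chsshrd
    ForceCommand internal-sftp
    AllowTcpForwarding no
    AllowAgentForwarding no
    PermitTunnel no
EOF
}
```

On the real host this would be run as root as `build_chroot /chsshrd alice bob`, with alice and bob added to group sftpusers and their passwd home set to /home/alice and /home/bob; append the fragment to sshd_config, run `sshd -t` to syntax-check it, and keep an existing admin session open while restarting sshd in case a login test fails. The users' private directories are created by root and then handed over with chown, so the chroot root stays root-owned 0755 as sshd requires.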