给selinux搞死了,忙了一个下午
1. /etc/ssh/sshd_config
StrictModes no
PubkeyAuthentication yes
AuthorizedKeysFile .ssh/authorized_keys
PasswordAuthentication no
#ChallengeResponseAuthentication
Match User backup
ForceCommand internal-sftp
X11Forwarding no
AllowTcpForwarding no
ChrootDirectory /data/backup/
2. restorecon -r -vv /data/
3. chcon -R –type=ssh_home_t /data/backup/.ssh
4. chcon –type=chroot_user_t /data/backup
5. chown root:root /data/backup
6. chmod 755 /data/backup
7. chmod 755 -R /data/backup/.ssh
8. mkdir -p /data/backup/data/backup
mkdir -p /data/backup/upload
9. chown backup:backup -R /data/backup/upload
chown backup:backup -R /data/backup/data
10. chcon –type=chroot_user_t -R /data/backup/data
chcon –type=chroot_user_t -R /data/backup/upload
参考网址:
1.解决authorized_keys’: Permission denied
http://www.jianshu.com/p/35feb4ff79c5
https://stackoverflow.com/questions/24832082/centos-7-sshd-permission-denied-on-authorized-keys-if-the-users-home-folder-i
https://segmentfault.com/q/1010000000445726
2. 解决 bad ownership or modes for chroot directory component
https://serverfault.com/questions/584986/bad-ownership-or-modes-for-chroot-directory-component
https://askubuntu.com/questions/134425/how-can-i-chroot-sftp-only-ssh-users-into-their-homes