SSH Tunnel

1. create chroot folder

       mkdir -p /chroot-dir
       chown root.root /chroot-dir
       chmod go-w /chroot-dir
       

2. create sftp user

       useradd -s /bin/false -d /chroot-dir sftp-user1
       

3. creat user working directory

       mkdir /chroot-dir/sftp-user1
       chown sftp-user1.sftp-user1 /chroot-dir/sftp-user1
       chmod 700 /chroot-dir/sftp-user1
       

4. vi /etc/ssh/sshd_config

       # Match Group sftp-user-group
       Match User sftp-user1
           ChrootDirectory %h
           ForceCommand internal-sftp
       

5. restart sshd

       systemctl restart sshd