jailing a user in ssh without a patch for openssh

You can use a combination of “jailkit” and PAM’s chroot module (pam_chroot) for this. We’ll jail the user “rdpm” in this example.
First, get jailkit from http://olivier.sessink.nl/jailkit/ , then build and install it.
Now, create a generic jail:
jk_init -v /home/jail sftp scp ssh jk_lsh basicshell
Let’s now create the user “rdpm”:
useradd -m -d /home/rdpm -g 10 rdpm
passwd rdpm
We want this to work only for ssh, so let’s add a line to /etc/pam.d/sshd to load the chroot module:
session required pam_chroot.so debug
Now let’s create rdpm’s home inside the jail directory:
mkdir /home/jail/home/rdpm
chown rdpm /home/jail/home/rdpm
If you want, you can bind-mount the user’s real home directory into the jail:
mount --bind /home/rdpm /home/jail/home/rdpm
And you may also make that bind mount permanent:
echo "/home/rdpm /home/jail/home/rdpm bind defaults,bind 0 0" >> /etc/fstab
Let’s copy rdpm’s auth info into the jail:
grep '^rdpm:' /etc/passwd >> /home/jail/etc/passwd
grep '^rdpm:' /etc/shadow >> /home/jail/etc/shadow
Let’s configure the chroot PAM module:
echo "rdpm /home/jail" >> /etc/security/chroot.conf
And that’s all. Now “ssh rdpm@yourserver” and you’ll find yourself in a jail.
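
A check for the finished setup, as an added example that is not part of the original post. The function name check_jail and its root-prefix argument are assumptions made for this example, and it treats the first field of chroot.conf as a literal user name.

```shell
#!/bin/sh
# Added example: audit the jail built by the steps above.
# ROOT is a path prefix ("" on a live system) so the check can run on a test tree.
# Live use: check_jail "" rdpm /home/jail
# Prints one FAIL line per finding and returns the number of findings.
check_jail() {
    root=$1 user=$2 jail=$3 problems=0
    fail() { echo "FAIL: $*"; problems=$((problems + 1)); }

    # sshd's PAM stack must load pam_chroot in the session phase
    grep -Eq '^[[:space:]]*session[[:space:]]+required[[:space:]]+pam_chroot\.so' \
        "$root/etc/pam.d/sshd" 2>/dev/null || fail "pam_chroot not in /etc/pam.d/sshd"

    # chroot.conf must map the user to the jail directory
    awk -v u="$user" -v j="$jail" '$1 == u && $2 == j { ok = 1 } END { exit !ok }' \
        "$root/etc/security/chroot.conf" 2>/dev/null || fail "no chroot.conf entry for $user"

    for f in passwd shadow; do
        file=$root$jail/etc/$f
        # exactly one entry for the user in the jail's copy
        n=$(grep -c "^$user:" "$file" 2>/dev/null || true)
        [ "${n:-0}" -eq 1 ] || fail "jail $f has ${n:-0} entries for $user"
        # an unanchored 'grep rdpm' also copies other lines that mention the name
        if grep "$user" "$file" 2>/dev/null | grep -qv "^$user:"; then
            fail "jail $f holds entries of other accounts matching '$user'"
        fi
    done

    # the user's home directory must exist inside the jail
    [ -d "$root$jail/home/$user" ] || fail "missing $jail/home/$user"

    return "$problems"
}
```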