# - - #
# - Don't follow this link - #
# - Just for documentation - #
https://askubuntu.com/questions/93411/simple-easy-way-to-jail-users

:A
# - - #
# - Terminal: Login server - #
ssh 192.168.1.101
cd /home/Data/Documents/Downloads;

:B
# - - #
# - Download & Install - #
:a
# - Download - #
https://launchpad.net/ubuntu/focal/amd64/jailkit/2.21-2
http://ftp.br.debian.org/debian/pool/main/j/jailkit/jailkit_2.21-2_amd64.deb
# - Note: this .deb comes over plain http and dpkg does not check where a package came from; jailkit 2.21-2 is in the focal archive (Launchpad link above), so "sudo apt install jailkit" should give the same version through apt's signed package index - #
:b
# - - #
# - Install - #
sudo dpkg --install jailkit_2.21-2_amd64.deb;

:C
# - - #
# - Create jail - #
sudo mkdir /home/jail;
sudo chown root:root /home/jail
# - Note: sshd only accepts a ChrootDirectory whose every path component is a root-owned directory that group and others cannot write to, so keep /home/jail and /home/jail/home that way - #

:D
# - - #
# - Create directories needed for user profile - #
sudo jk_init -v /home/jail basicshell
sudo jk_init -v /home/jail netutils
sudo jk_init -v /home/jail ssh
sudo jk_init -v /home/jail jk_lsh

:E
# - - #
# - Add a new user with home directory & bash shell - #
sudo useradd -d /home/cvandemberg -m cvandemberg -s /bin/bash;
sudo passwd cvandemberg;

:F
# - - #
# - Jail new user - #
sudo jk_jailuser -m -j /home/jail cvandemberg;

:G
# - - #
# - Check /etc/passwd - #
cat /etc/passwd | grep cvandemberg;
cvandemberg:x:1003:1003::/home/jail/./home/cvandemberg:/usr/sbin/jk_chrootsh

:H
# - - #
# - Enable bash - bash libraries copied to jail - #
sudo jk_cp -v -f /home/jail /bin/bash

:H
# - - #
# - Edit /home/jail/etc/passwd - #
sudo vim /home/jail/etc/passwd
:a
# - Look for user - #
/cvandemberg
cvandemberg:x:1003:1003::/home/cvandemberg:/usr/sbin/jk_lsh
:b
# - Change - #
cvandemberg:x:1003:1003::/home/cvandemberg:/bin/bash
# - Note: with the "ForceCommand internal-sftp" block from :I, sshd serves sftp in-process and does not start this shell for SSH logins, so bash inside the jail is only needed if the user must also get an interactive jailed shell - #

:I
# - - #
# - Configure jail in /etc/ssh/sshd_config - #
sudo vim /etc/ssh/sshd_config
:a
# - Comment - #
#Subsystem sftp /usr/lib/openssh/sftp-server
:b
# - Add at eof - #
Subsystem sftp internal-sftp
Match user cvandemberg
ChrootDirectory /home/jail/home
ForceCommand internal-sftp -d /cvandemberg/Data
# - Note: ForceCommand only restricts the session command; adding "AllowTcpForwarding no" and "X11Forwarding no" inside the Match block keeps the account sftp-only - #

:J
# - - #
# - Restart ssh - #
# - Note: run "sudo sshd -t" first; it checks sshd_config for errors so a bad edit does not take ssh down on restart - #
sudo service ssh restart;

:K
# - - #
# - Add /home/Data to user - #
:a
# - Edit /etc/fstab - #
sudo vim /etc/fstab
:b
# - Add at eof - #
# - cVandembergData - #
# - uServerVBox - #
/home/Data/cVandembergData /home/jail/home/cvandemberg/Data auto defaults,nofail,nobootwait,bind 0 2
:c
# - Mount /etc/fstab - #
sudo mount -a;

:L
# - - #
# - Login uServerVBox - #
# - Terminal - #
:a
# - ssh - #
ssh cvandemberg@192.168.1.101;
cvandemberg@192.168.1.101's password:
This service allows sftp connections only.
Connection to 192.168.1.101 closed.
:b
# - sftp - #
sftp cvandemberg@192.168.1.101;
Connected to 192.168.1.101.
sftp>
:c
# - Thunar - #
sftp://cvandemberg@192.168.1.101

:Y
# - - #
# - Maintenance (not working) - #
jk_update passes the system's updates on to the user's jail
sudo jk_update -j /home/jail -d
# - Note: -d is jk_update's dry-run switch (see jk_update(8)), so this command only reports what it would change; that may be why it looked like it was not working - #

:Z
# - - #
# - To test - #
# - Access to directories - #
mount --bind /media/$USER/Data/ /home/jail/home/jailtest/test/
# - eof - #