This project isn't being actively maintained. That also means it is not supported. It is provided for archival and academic purposes only and should never be used in a production environment.
I am new to Docker and your image, so forgive my (possible) ignorance. I ran your image and was able to log into the SFTP server, but discovered the user did not have write privileges. I noticed the following line in /entrypoint.sh:
chown root:root $SFTP_CHROOT/$user
which I changed to:
chown $user:root $SFTP_CHROOT/$user
This allows the user to write to their own folder. Was there a reason that you made the owner of the user's folder root? Perhaps you only wanted a read-only container? If so, then it is my belief the folder should be owned by the user and the permissions of the folder should remove write privileges. Am I missing something obvious?
This issue is a reply to your question in #2. I'm sorry to reply so late; I never saw your comment. I cannot reply in the original issue, because I've been locked out of it. Your recent changes highlighted the issue for me again.
I suspect you are right and I am interested in looking into this. One thing that is troublesome to me is that I cannot find these HPN-specific settings documented anywhere. Do you have any link or source that might aid me?
When I try to connect from another container using the command below:
[root@355f3fbc7c97 /]# sftp test123:[email protected]:22/upload
Permission denied (publickey,gssapi-keyex,gssapi-with-mic).
Couldn't read packet: Connection reset by peer
Telnet is working:
[root@355f3fbc7c97 /]# telnet 10.200.4.154 22
Trying 10.200.4.154...
Connected to 10.200.4.154.
Escape character is '^]'.
SSH-2.0-OpenSSH_7.4
I have the container set up with variables changing the username and password. When I connect to it using the correct username and password, the connection is closed by the server immediately. Incorrect user names and passwords throw messages about being incorrect; it's only when everything is correct that the connection is dropped.
Accepted password for downloader from 192.168.1.4 port 54111 ssh2
bad ownership or modes for chroot directory component "/"
Accepted password for downloader from 192.168.1.4 port 54118 ssh2
bad ownership or modes for chroot directory component "/"
Address x.x.x.x maps to x.com, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!
Accepted password for downloader from x.x.x.x port 3287 ssh2
bad ownership or modes for chroot directory component "/"
Address x.x.x.x maps to x.com, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!
Accepted password for downloader from x.x.x.x port 3292 ssh2
bad ownership or modes for chroot directory component "/"
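The "bad ownership or modes for chroot directory component" message above and the `chown root:root` question in the first post both come down to the rule in sshd_config(5) that every component of a ChrootDirectory path must be a root-owned directory that is not writable by group or others. The following check is an added example, not code from the image or from any of the posters; the function names, the `/data/sftp/downloader` path and the three layouts are constructed for illustration.

```python
import os
import stat
from types import SimpleNamespace

def chroot_components(path):
    """Yield "/", "/a", "/a/b", ... for an absolute path, root first."""
    parts = [p for p in os.path.normpath(path).split("/") if p]
    yield "/"
    for i in range(1, len(parts) + 1):
        yield "/" + "/".join(parts[:i])

def audit_chroot(path, stat_fn=os.stat):
    """Return [(component, problem)] for each component that breaks the rule."""
    problems = []
    for comp in chroot_components(path):
        try:
            st = stat_fn(comp)  # follows symlinks, like stat(2)
        except OSError as exc:
            problems.append((comp, f"cannot stat: {exc.strerror}"))
            continue
        if not stat.S_ISDIR(st.st_mode):
            problems.append((comp, "not a directory"))
        if st.st_uid != 0:
            problems.append((comp, f"owned by uid {st.st_uid}, not root"))
        if st.st_mode & 0o022:  # group-write or other-write bit set
            mode = stat.S_IMODE(st.st_mode)
            problems.append((comp, f"group/other writable (mode {mode:04o})"))
    return problems

def fake_fs(layout):
    """Build a stat function over a constructed {path: (uid, mode)} layout."""
    def stat_fn(p):
        if p not in layout:
            raise FileNotFoundError(2, "No such file or directory", p)
        uid, mode = layout[p]
        return SimpleNamespace(st_uid=uid, st_mode=stat.S_IFDIR | mode)
    return stat_fn

# Constructed sample layouts (assumptions, not taken from the page).
ROOT_OWNED = {"/": (0, 0o755), "/data": (0, 0o755), "/data/sftp": (0, 0o755),
              "/data/sftp/downloader": (0, 0o755)}
# Effect of chown $user:root on the chroot directory itself.
USER_OWNED = dict(ROOT_OWNED, **{"/data/sftp/downloader": (1000, 0o755)})
# A container root directory that is writable by everyone.
WRITABLE_ROOT = dict(ROOT_OWNED, **{"/": (0, 0o777)})

if __name__ == "__main__":
    import sys
    for comp, why in audit_chroot(sys.argv[1] if len(sys.argv) > 1 else "/"):
        print(f"{comp}: {why}")
```

Run inside the container with the chroot path as its argument, it lists each component that fails the rule; an empty result means ownership and modes are not the cause of the dropped session.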