unix – 防止rssh用户离开他们的jail目录

我正在尝试使用rssh严格监禁用户/ home / user / public_html dirctories.
我让它在一个帐户可以在测试服务器上成功进入系统的工作,但是一旦我作为该帐户登录,我注意到我可以将目录更改为我想要的任何地方并查看文件的内容.我可能无法编辑或转移到那些目录,但我认为能够监禁他们的全部目的是为了防止这样的事情？

SSHD使用Subsystem sftp internal-sftp进行设置
RSSH将用户指定为只能使用scp和sftp
用户的帐户正在使用/usr/bin/rssh作为shell和/ home / user / public_html
用户的主目录是root：用户所有者：组

我注意到,他们可以查看他们可以查看的内容和目录的唯一文件都是世界可读的,这是有道理的,但为什么他们允许他们离开他们的目录呢？请不要说我只是回答了我自己的问题.目的是找到防止这种情况的最佳实践解决方案.

期望的结果是它们被限制为cd到任何不属于它们的目录的能力.

我在这里错过了什么吗？

这是rssh.conf文件的内容;

logfacility = LOG_USER

allowscp
allowsftp
#allowcvs
#allowrdist
#allowrsync
#allowsvnserve

# set the default umask
umask = 022

user=wwwtest1:077:110000:/home/wwwtest1/public_html

这是sshd_config文件的内容;

# Package generated configuration file
# See the sshd_config(5) manpage for details

# What ports,IPs and protocols we listen for
Port 22
# Use these options to restrict which interfaces/protocols sshd will bind to
#ListenAddress ::
#ListenAddress 0.0.0.0
Protocol 2
# HostKeys for protocol version 2
HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_dsa_key
HostKey /etc/ssh/ssh_host_ecdsa_key
#Privilege Separation is turned on for security
UsePrivilegeSeparation yes

# Lifetime and size of ephemeral version 1 server key
KeyRegenerationInterval 3600
ServerKeyBits 768

# Logging
SyslogFacility AUTH
LogLevel INFO

# Authentication:
LoginGraceTime 120
PermitRootLogin yes
StrictModes yes

RSAAuthentication yes
PubkeyAuthentication yes
#AuthorizedKeysFile     %h/.ssh/authorized_keys

# Don't read the user's ~/.rhosts and ~/.shosts files
IgnoreRhosts yes
# For this to work you will also need host keys in /etc/ssh_known_hosts
RhostsRSAAuthentication no
# similar for protocol version 2
HostbasedAuthentication no
# Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication
#IgnoreUserKnownHosts yes

# To enable empty passwords,change to yes (NOT RECOMMENDED)
PermitEmptyPasswords no

# Change to yes to enable challenge-response passwords (beware issues with
# some PAM modules and threads)
ChallengeResponseAuthentication no

# Change to no to disable tunnelled clear text passwords
#PasswordAuthentication yes

# Kerberos options
#KerberosAuthentication no
#KerberosGetAFSToken no
#KerberosOrLocalPasswd yes
#KerberosTicketCleanup yes

# GSSAPI options
#GSSAPIAuthentication no
#GSSAPICleanupCredentials yes

X11Forwarding yes
X11DisplayOffset 10
PrintMotd no
PrintLastLog yes
TCPKeepAlive yes
#UseLogin no

#MaxStartups 10:30:60
#Banner /etc/issue.net

# Allow client to pass locale environment variables
AcceptEnv LANG LC_*

#Subsystem sftp /usr/lib/openssh/sftp-server
Subsystem sftp internal-sftp

# Set this to 'yes' to enable PAM authentication,account processing,# and session processing. If this is enabled,PAM authentication will
# be allowed through the ChallengeResponseAuthentication and
# PasswordAuthentication.  Depending on your PAM configuration,# PAM authentication via ChallengeResponseAuthentication may bypass
# the setting of "PermitRootLogin without-password".
# If you just want the PAM account and session checks to run without
# PAM authentication,then enable this but set PasswordAuthentication
# and ChallengeResponseAuthentication to 'no'.
UsePAM yes

Match Group sftp-only
    ChrootDirectory %h
    ForceCommand internal-sftp
    AllowTcpForwarding no