I need to give ftp/ssh access to a friend of mine on my ubuntu 14.04 Amazon ec2 instance But i want to jail his access.

I can't really find any tutorials that work! steps i've taken:


1. add user: adduser jail-user
2. add group: addgroup group1
3. Add user to group: usermod -a -G groupName userName
4. Create the chroot directory: sudo mkdir /var/www/GroupFolder/ ----- sudo chmod g+rx /var/www/GroupFolder/ (as root obviously)
5. Create the group-writable directory: sudo mkdir -p /var/www/GroupFolder/files/ ---sudo chmod g+rwx /var/www/GroupFolder/files/ (as root obviously)
6. Give them both to the new group: sudo chgrp -R groupname /var/www/GroupFolder/ (as root obviously)

after that i went to /etc/ssh/sshd_config and i added in the end of the file:

Match Group groupname
# Force the connection to use SFTP and chroot to the required directory.
ForceCommand internal-sftp
ChrootDirectory /var/www/GroupFolder/
# Disable tunneling, authentication agent, TCP and X11 forwarding.
PermitTunnel no
AllowAgentForwarding no
AllowTcpForwarding no
X11Forwarding no



7. copy pem to users authorized keys:
a) sudo -u jail-user mkdir /home/jail-user/.ssh
b) sudo cat /home/ubuntu/.ssh/authorized_keys | sudo -u root tee /home/jail-user/.ssh/authorized_keys


But jail-user cant log in as it says authentication failed - incorrect ownership of chroot???


Help?