diff --git a/defaults/main.yml b/defaults/main.yml
index 03848af..55816d2 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -39,6 +39,7 @@ sshd_use_pam: "yes"
 sshd_use_dns: "no"
 sshd_sftp_chroot: "no"
 sshd_sftp_chroot_group: sftponly
+sshd_sftp_chroot_directory: "%h"
 sshd_stream_local_bind_unlink: "no"
 sshd_allow_agent_forwarding: "no"
 # manage authorized keys globally and exclusively
diff --git a/templates/sshd_config.j2 b/templates/sshd_config.j2
index c33da85..6410e07 100644
--- a/templates/sshd_config.j2
+++ b/templates/sshd_config.j2
@@ -141,7 +141,7 @@ Subsystem sftp internal-sftp
 {% if sshd_sftp_chroot == 'yes' %}
 Match Group {{ sshd_sftp_chroot_group }}
- ChrootDirectory %h
+ ChrootDirectory {{ sshd_sftp_chroot_directory }}
 ForceCommand internal-sftp
 AllowTcpForwarding no
 {% endif %}
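Review bot: The new `sshd_sftp_chroot_directory` default in defaults/main.yml is added without a comment, and its constraints are not obvious from the name. sshd checks at session start that every component of the ChrootDirectory path is a root-owned directory not writable by any other user or group, so an override such as a user-owned upload directory makes sftp logins fail. I would add above the variable: `# chroot for the sftp group; every path component must be root-owned and not group/world-writable` and `# tokens: %h (home), %u (user name); %U (numeric uid) on newer OpenSSH`.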
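Review bot: In templates/sshd_config.j2 the `ChrootDirectory` argument is now rendered straight from the variable with no guard, so an override that is empty leaves the directive without an argument inside the Match block. A fallback keeps the previous behaviour in that case: `ChrootDirectory {{ sshd_sftp_chroot_directory | default('%h', true) }}`. The task that renders this template is not part of the diff. If it does not already pass `validate: 'sshd -t -f %s'`, adding that would stop a broken file from replacing the working one before sshd is restarted.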