ispCP - Board - Support
SSH user for domain.tld - Printable Version

+- ispCP - Board - Support (http://www.isp-control.net/forum)
+-- Forum: ispCP Omega Development Area (/forum-1.html)
+--- Forum: Suggestions (/forum-2.html)
+--- Thread: SSH user for domain.tld (/thread-7781.html)

Pages: 1 2


SSH user for domain.tld - koko92_national - 09-06-2009 11:37 PM

It will be nice if i could add chrooted ssh user for domain.tld Only to enter the username, password and directory. What do you think?


RE: SSH user for domain.tld - Nuxwin - 09-06-2009 11:53 PM

(09-06-2009 11:37 PM)koko92_national Wrote:  It will be nice if i could add chrooted ssh user for domain.tld Only to enter the username, password and directory. What do you think?

What would be the primary interest in the context of a shared hosting dedicated hosting web page? Certain panel offer this feature but I'm not sure it is indispensable.


RE: SSH user for domain.tld - sci2tech - 09-06-2009 11:55 PM

It is on the roadmap. As a matter of fact I already started some work on this but do not expect it too soon.


RE: SSH user for domain.tld - theprincy - 09-07-2009 01:50 AM

(09-06-2009 11:55 PM)sci2tech Wrote:  It is on the roadmap. As a matter of fact I already started some work on this but do not expect it too soon.

Sad


RE: SSH user for domain.tld - koko92_national - 09-07-2009 03:36 AM

(09-06-2009 11:55 PM)sci2tech Wrote:  It is on the roadmap. As a matter of fact I already started some work on this but do not expect it too soon.
Great in which version should we see it?


RE: SSH user for domain.tld - sci2tech - 09-07-2009 03:52 AM

Maybe 1.2.0


RE: SSH user for domain.tld - koko92_national - 09-07-2009 04:21 AM

Great this is matching with my plans perfectly. Thank you and I wish ISP Omega to become first of all Hosting Panels.


RE: SSH user for domain.tld - kilburn - 09-07-2009 10:13 AM

Quote:As a matter of fact I already started some work on this but do not expect it too soon.

Just for the record, which chroot solution are you planning to implement? Everytime that I've read about chrooted ssh access I'm left with the feeling that there is no really secure way to do it without a really big overhead....


RE: SSH user for domain.tld - koko92_national - 09-07-2009 09:00 PM

If he limits it by username and group name I think it will be all right.


RE: SSH user for domain.tld - kilburn - 09-07-2009 09:51 PM

Quote:If he limits it by username and group name I think it will be all right.

I'm speaking about the chroot concept, not about which permissions should you use. AFAIK chroots are either:
-) insecure : if there is a work-around to allow running binaries from outside the chroot
-) nearly unusable though a shell : if each chroot has just the minimal set of binaries accessible.
-) highly overloaded : if a complete copy/mount --bind/something like this is used so that chroot users have access to all binaries.

It has nothing to do about who you let access the chroot, but how you let him run the binaries.