Current time: 11-25-2024, 11:27 AM Hello There, Guest! (LoginRegister)


Post Reply 
SSH user for domain.tld
Author Message
sci2tech Away
Senior Member
****

Posts: 1,285
Joined: Jan 2007
Reputation: 23
Post: #11
RE: SSH user for domain.tld
(09-07-2009 09:51 PM)kilburn Wrote:  -) nearly unusable though a shell : if each chroot has just the minimal set of binaries accessible.
But configurable Smile. And using hard links
Another idea is Busybox that do a great job with this.
(This post was last modified: 09-08-2009 12:54 AM by sci2tech.)
09-08-2009 12:54 AM
Visit this user's website Find all posts by this user Quote this message in a reply
koko92_national Offline
Junior Member
*

Posts: 70
Joined: Jul 2008
Reputation: 0
Post: #12
RE: SSH user for domain.tld
Hard links are not so offently used by administrators (I think).
09-08-2009 05:45 AM
Find all posts by this user Quote this message in a reply
sseitz Offline
Junior Member
*

Posts: 17
Joined: Mar 2009
Reputation: 0
Post: #13
RE: SSH user for domain.tld
I've recently introduced some proof-of-concept howto and a suggestion on how to implement SSH. Please see: http://www.isp-control.net/forum/thread-7948.html

Hopefully some ispCP developer reads this Wink
09-24-2009 12:02 AM
Find all posts by this user Quote this message in a reply
koko92_national Offline
Junior Member
*

Posts: 70
Joined: Jul 2008
Reputation: 0
Post: #14
RE: SSH user for domain.tld
(09-24-2009 12:02 AM)sseitz Wrote:  I've recently introduced some proof-of-concept howto and a suggestion on how to implement SSH. Please see: http://www.isp-control.net/forum/thread-7948.html

Hopefully some ispCP developer reads this Wink

Great!
09-25-2009 02:38 AM
Find all posts by this user Quote this message in a reply
sci2tech Away
Senior Member
****

Posts: 1,285
Joined: Jan 2007
Reputation: 23
Post: #15
RE: SSH user for domain.tld
It is close to what I have in mind Wink
09-25-2009 03:59 AM
Visit this user's website Find all posts by this user Quote this message in a reply
kassah Offline
Junior Member
*

Posts: 46
Joined: Oct 2010
Reputation: 1
Post: #16
RE: SSH user for domain.tld
I would actually be down with just a normal shell as the right user as long as admin/reseller can turn it on and off. Security will only be as good as it's weakest point, which generally is PHP.
11-06-2010 06:54 AM
Find all posts by this user Quote this message in a reply
frustro Offline


Posts: 3
Joined: Nov 2010
Reputation: 0
Post: #17
RE: SSH user for domain.tld
(09-07-2009 09:51 PM)kilburn Wrote:  
Quote:If he limits it by username and group name I think it will be all right.

I'm speaking about the chroot concept, not about which permissions should you use. AFAIK chroots are either:
-) insecure : if there is a work-around to allow running binaries from outside the chroot
-) nearly unusable though a shell : if each chroot has just the minimal set of binaries accessible.
-) highly overloaded : if a complete copy/mount --bind/something like this is used so that chroot users have access to all binaries.

It has nothing to do about who you let access the chroot, but how you let him run the binaries.

Bump for jailshell users.
11-14-2010 02:04 AM
Find all posts by this user Quote this message in a reply
jeab101 Offline


Posts: 1
Joined: Nov 2010
Reputation: 0
Post: #18
RE: SSH user for domain.tld
Oh. I'm Plans is same.
11-18-2010 08:13 PM
Find all posts by this user Quote this message in a reply
Post Reply 


Forum Jump:


User(s) browsing this thread: 1 Guest(s)