Project InfoSponsor & PartnerInstalling ispCPFAQDocumentationDevelopment
Current time: 11-13-2024, 06:12 PM Hello There, Guest! (LoginRegister)

ispCP - Board - Support / ispCP Omega Development Area / General discussion v / SSH access for user

Post Reply 
SSH access for user
Author Message
rbtux Offline
Moderator
*****
Moderators

Posts: 1,847
Joined: Feb 2007
Reputation: 33
Post: #11
RE: SSH access for user
Zothos Wrote:Normaly all servers accept a strg + alt + entf by default..... And thats only the minor things which can happen.

every nearly responsible system administrator turns this off the first thing after the installation :-)
07-23-2007 11:48 PM
Visit this user's website Find all posts by this user Quote this message in a reply
raphael Offline
Member
***

Posts: 474
Joined: Apr 2007
Reputation: 8
Post: #12
RE: SSH access for user
Zothos Wrote:Normaly all servers accept a strg + alt + entf by default..... And thats only the minor things which can happen.
I completely agree with rbtux's statement Wink


and for setting a password check man passwd (/usr/bin/passwd)
07-24-2007 03:07 AM
Visit this user's website Find all posts by this user Quote this message in a reply
Zothos Offline
Release Manager
*****
Dev Team

Posts: 1,262
Joined: Feb 2007
Reputation: 10
Post: #13
RE: SSH access for user
it was just an example Wink
07-24-2007 06:30 AM
Find all posts by this user Quote this message in a reply
blocker Offline
Junior Member
*

Posts: 123
Joined: Apr 2007
Reputation: 2
Post: #14
RE: SSH access for user
how about user can have a ssh daemon in jail ? so in that way user can ssh to his own account, is this possible ?
07-24-2007 05:14 PM
Find all posts by this user Quote this message in a reply
BeNe Offline
Moderator
*****
Moderators

Posts: 5,899
Joined: Jan 2007
Reputation: 68
Post: #15
RE: SSH access for user
In Jail ?
I only know about it in FreeBSD...don´t know if this works on Debian or something else.

Greez BeNe
07-24-2007 06:24 PM
Visit this user's website Find all posts by this user Quote this message in a reply
rbtux Offline
Moderator
*****
Moderators

Posts: 1,847
Joined: Feb 2007
Reputation: 33
Post: #16
RE: SSH access for user
yes it works, but you need a to write a chroot skript which includes all the commands you'll need in th jail... it's a little complicated^^
07-24-2007 07:08 PM
Visit this user's website Find all posts by this user Quote this message in a reply
rbtux Offline
Moderator
*****
Moderators

Posts: 1,847
Joined: Feb 2007
Reputation: 33
Post: #17
RE: SSH access for user
maybe something like this skript may help...

http://de.gentoo-wiki.com/SSH_Login_ins_Chroot
07-24-2007 07:09 PM
Visit this user's website Find all posts by this user Quote this message in a reply
ephigenie Offline
Project Leader
*******
Administrators

Posts: 1,578
Joined: Oct 2006
Reputation: 15
Post: #18
RE: SSH access for user
yeah or just scponly access ?

http://www.isp-control.net/ispcp/wiki/ch...per_skript
http://www.isp-control.net/ispcp/wiki/scponly_chroot

In upcoming releases we need a full chroot environment - to use sbox or similar wrapper to chroot cgi and if we're going to chroot the fastcgi as well its one more cause for a good chroot - creation script.
So if we've that chroot env already there - it should be easy to allow ssh logins into it, too. There are wrapper scripts as shell replacements which can be put into the /etc/passwd and eval the path of the current user if there's something like that /var/www/virtual/./<domain>.<tld>/ the user will get chrooted to /domain.tld/
07-24-2007 08:00 PM
Visit this user's website Find all posts by this user Quote this message in a reply
achioo Offline
Junior Member
*

Posts: 76
Joined: Nov 2006
Reputation: 0
Post: #19
RE: SSH access for user
How do we use the wrapper to restrict our users to their directory?
07-25-2007 03:24 AM
Find all posts by this user Quote this message in a reply
Lonesome Walker Offline
Junior Member
*

Posts: 28
Joined: May 2007
Reputation: 1
Post: #20
RE: SSH access for user
Um well...
The idea of a shell account...

I don't want to be rude, but:
Only script kiddies need one.
Other companies/users will have their own server.

Have a look at PLESK, then you can see how this works.
Personally i don't like this option, because one bug in this shell replacement, and the whole server is busted.

But this is just the opinion of a pen-tester...
07-25-2007 04:11 AM
Visit this user's website Find all posts by this user Quote this message in a reply
Post Reply 


Forum Jump:


User(s) browsing this thread: 8 Guest(s)

Contact Us | isp Control Panel ( ispCP ) | Return to Top | Return to Content | Lite (Archive) Mode | RSS Syndication