Re: chrooted SFTP (show only user files)



Unsure what plesk really is, might be just another click&droll
admin tool? Doubtable if will work without enhancing it, those
tools just don't have any flexibility and should be avoided

when you are running a hosting server I think drag & drop tools make
sense, since not every user is a pro, however some of them need more control
over their dedicated servers and VPS accounts.

unfortunately , I don't think that in this particular case I will be able to
use SSH chroot patch
on this server since SSH is the only way I can connect.

I got 'rssh' and 'scponlyc' running , however when a user connects using a
SFTP
client - besides his home directory files he can also see the chroot folder
files:

/etc/passwd
/lib/...
and so on ,

any idea how I could hide these files ? I noticed some hosting providers
are using RSSH
(but I am not sure maybe they also patched SSH ?)
and somehow when I connect using SFTP I only see my home directory files and
nothing more.

How long do we have to wait till we get a SFPT-only daemon application that
does not
depend on SSH ? An application that has it's own user table (with no need
to create system users, and
then lock them out) ...

Ironically, there are already such solutions freely available for Windows
(http://freeftpd.com/).





.



Relevant Pages

  • Re: Trouble with X11 over SSH on Mandriva 2010.0
    ... If next clean install/update causes ssh to break, ... installed the sshd daemon/service package (OpenSSH Server) on the server. ... correct values for client and server. ...
    (comp.os.linux.networking)
  • Re: Apache Software Foundation Server compromised, resecured. (fwd)
    ... this was one "result" of the comromised ssh binary at sourceforge. ... a public server of the Apache Software Foundation ... > (ASF) was illegally accessed by unknown crackers. ... > exhaustive audit of all Apache source code and binary distributions ...
    (FreeBSD-Security)
  • Re: FreeBSD Crash without Errors, Warnings, or Panics
    ... I suppose I could run on stable until the driver is fixed in a release branch, but I need this box up and online, and I've always read that the stable branch is not the place for production servers. ... I'm running 6.0-RELEASE-p5 on a Toshiba built server: dual Xeon Intel motherboard with a LSILogic MegaRAID controller. ... Also, some network ports still respond, like a telnet to port 22 to test SSH will yield an SSH banner, but trying to connect with SSH just hangs. ... The box runs a web-based app and connects to a local Postgres DB which seemed to be unable to start new connections being requested by the PHP scripts. ...
    (freebsd-hackers)
  • Re: restrict ssh access
    ... > We have one ssh server which receives about 6000 failed attempts to ... > unsuccessful login attempts per client IP address? ... the remote server is also running OpenSSH. ...
    (comp.security.ssh)
  • Re: SSH as root
    ... Subject: SSH as root ... but it doesn't require having a key on the server that could be ... If they compromise a server, and the passphrase, etc. is there, they only ... private key to anyone. ...
    (SSH)