Hi, on my registrar's host, you can FTP/SSH to the server, and only see system files, and your own files... Is there a way to do this with ispconfig? Such as, if you're logged on as web3_derek, you cannot see web1's files, or web2's files, etc...? I want to allow users to log in via FTP or SSH and still only be able to see their own files. Thanks!
FTP: Enable chrooting to the users home directory in your proftpd.conf file. SSH: Compile your SSH server to support chrooting and then enable chrooting for SSH in ISPConfig.
Hi, I've looked into chrooting, and can't get it to work. How can I automatically make it so all users except root can only see their /var/www/web# directory, and its subdirecotires? My users connect via an ftp program (most use WinSCP), and I'd like to keep them locked inside their files, so they cant see other client's sources etc. They connect to my proftpd server I believe, whatever is on port 22. I used the dapper drake perfect setup. Is there a way to automaticlly lock all users to their directory, except for root? Thanks!
I just tried the chroot SSH howto, and it doesn't work. http://www.howtoforge.com/chrooted_ssh_howto_debian When I get to the part where I do this: APPS="/bin/bash /bin/ls /bin/mkdir /bin/mv /bin/pwd /bin/rm /usr/bin/id /usr/bin/ssh /bin/ping /usr/bin/dircolors" for prog in $APPS; do cp $prog ./$prog # obtain a list of related libraries ldd $prog > /dev/null if [ "$?" = 0 ] ; then LIBS=`ldd $prog | awk '{ print $3 }'` for l in $LIBS; do mkdir -p ./`dirname $l` > /dev/null 2>&1 cp $l ./$l done fi done It returns: cp: cannot stat `(0xffffe000)': No such file or directory cp: cannot stat `(0xffffe000)': No such file or directory cp: cannot stat `(0xffffe000)': No such file or directory cp: cannot stat `(0xffffe000)': No such file or directory cp: cannot stat `(0xffffe000)': No such file or directory cp: cannot stat `(0xffffe000)': No such file or directory cp: cannot stat `(0xffffe000)': No such file or directory cp: cannot stat `(0xffffe000)': No such file or directory cp: cannot stat `(0xffffe000)': No such file or directory cp: cannot stat `(0xffffe000)': No such file or directory And the chrooting doesn't work. Also, if somebody can help me, and I get it working, how would I make ispconfig auto-chroot the user to their directory? Thanks!
You do not have to run the ssh chrooting script as this is all handled by ISPConfig. Just enable chrooting in /home/admispconfig/ispconfig/lib/config.inc.php and every new or updated user will be chrooted when your SSH daemon supports chrooting.
Why did you tell me I needed to recompile my ssh to enable chrooting if ispconfig handles it? Also, I enabled it in that conf file, and nothing happened. I added/updated my users and they can still see the entire system.
Alright... How would I go about doing that? I thought thats what I was doing in the chroot ssh howto..
1) Recompile SSH as described in the howto. What you did above and what caused you the error is that you tried to chroot a user account manually. 2) Enable chrooting in ISPConfig and make sure that you restarted your SSH server. 3) Update a user account or create a new one. Then check if a dot has been inserted in the home path of the user in /etc/passwd.
