it would also be nice if users which I create under ISPconfig would be automatically chrooted from the beginning. Thx
sorry - I'm talking about ssh. I know there is a how to for debian users but it's not working out if you create new users via ispconfig - they still createt like usual users without the chroot privilegs. You have to change each user by hand. Leander
It is working out oif the box I guess you did not enable chrooting in ISPConfig in the file /home/admispconfig/ispconfig/config.inc.php. ISPConfig is not able to guess if your SSH daemon supports chrooting and as all SSH demons does not support it by default, it is disabled by default.
Hi Till, I just did this HowTo to enable the chroot on my ssh daemon. http://www.howtoforge.com/chrooted_ssh_howto_debian ^^it's working for the testuser but not for ISP ones. I didn't find the file where you told me to enable this option for ISPconfig cosutumers. Code: server1:~# ls -lach /home/admispconfig/ispconfig/ total 276K drwxr-xr-x 8 admispconfig admispconfig 4.0K Mar 11 13:45 . drwxr-xr-x 4 admispconfig admispconfig 4.0K Feb 6 20:40 .. -rw-r--r-- 1 admispconfig admispconfig 14 Mar 9 23:52 adminmail.txt drwxrwx--- 2 admispconfig mysql 4.0K Feb 6 20:40 backup drwxr-xr-x 4 admispconfig admispconfig 4.0K Feb 6 20:40 files -rw-r--r-- 1 admispconfig admispconfig 226K Mar 11 13:45 ispconfig.log drwxr-xr-x 6 admispconfig admispconfig 4.0K Feb 6 20:40 lib -rw-r--r-- 1 root root 862 Feb 6 20:40 sysconf.txt drwxr-xr-x 6 admispconfig admispconfig 4.0K Mar 10 00:00 temp drwxr-xr-x 9 admispconfig admispconfig 4.0K Feb 6 23:47 tools -rw-r--r-- 1 root root 166 Feb 6 20:40 users drwxr-xr-x 20 admispconfig admispconfig 4.0K Feb 6 23:44 web server1:~# Thx! ;-) Leander
The howtos is not especually for ISPConfig, but the general setup is ok.If you did not enable it in ISPConfig yet, it can not work. The file is: /home/admispconfig/ispconfig/lib/config.inc.php There rae several threads here in the forum about enabling chrooting. just search for the words "chroot ssh". By the way, if you dont know the location of a file, just run: locate name_of_thefile
@till please keep in mind that the create_chroot script will NOT WORK with the soon comming etch version. i posted a working script here in the forum. please use this. if you like: i also have a script enabling mysql and unzip for the chrooted user (especially mysql will NOT work without a little "trick". if you like this idea post here and i send you "my" script ;-) Olli
Can be done chroot for all services? I mean shell, web, ftp, etc. Like cpanel does? Regards, Taguapire.
