Security Warning SSH not CHROOTED!

Discussion in 'Installation/Configuration' started by vaio1, Mar 18, 2010.

  1. vaio1

    vaio1 Member

    Hi guys only now I have discovered that all the users who connect themselves by a SSH client to the server can see all the system folders!

    How is it possible? :eek: :eek:

    Is there a way to set a Jail to it? The server is in production mode!

    thanks
     
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    By default, SSH accounts are never chrooted. Personally I wont give users SSH access if it is not absolutely nescessary.

    Have you patched your SSH daemon to support chrooting for ispconfig 2?
     
  3. vaio1

    vaio1 Member

    Hi again Till, I have followed the setup tutorial in this website and I have not found any ssh patch section. Please, can u tell me what have I do?

    thanks again
     
  4. till

    till Super Moderator Staff Member ISPConfig Developer

    Which Linux distribution?
     
  5. vaio1

    vaio1 Member

    We have the Centos 5 installed.
     
  6. till

    till Super Moderator Staff Member ISPConfig Developer

  7. vaio1

    vaio1 Member

    Already tested but without success. :(
     
  8. till

    till Super Moderator Staff Member ISPConfig Developer

    And you created a new SSH user for testing?
     
  9. vaio1

    vaio1 Member

    I have enabled a user by the ISPConfig panel. is it sufficient?
     

Share This Page