With a standard install of Suse 10 and ISPConfig, what access will customers have if I enable shell access. i.e. 1) will they be able to restart the server 2) can they view other folders outside their own directory or anything else Thanks
1) No. 2) Yes. If you want to prevent this, you must use a ssh daemon that supports chrooting and then enable chrooting in ISPConfig. You will find several threads about this topic when you search for chroot ssh in the forum.
That means, on a fresh ISPC-Box I just have to run Page 1 of the SSH Chrooted Tutorial and set the value for ssh chroot in the config.inc.php from 0 to 1? Or do I have to do the things on Page 2 of the tutorial too? Actually there is no need for doing that: Code: mkdir /home/chroot/ mkdir /home/chroot/home/ cd /home/chroot mkdir etc mkdir bin mkdir lib mkdir usr mkdir usr/bin mkdir dev mknod dev/null c 1 3 mknod dev/zero c 1 5 on a ISPConfig Box, right? But is there the need to do the following, means running the Script that beginns with "APPS=..." and this: Code: cp /lib/libnss_compat.so.2 /lib/libnsl.so.1 /lib/libnss_files.so.2 ./lib/ echo '#!/bin/bash' > usr/bin/groups echo "id -Gn" >> usr/bin/groups touch etc/passwd grep /etc/passwd -e "^root" > etc/passwd You should also copy the line of the group in which you will create new users from /etc/group to /home/chroot/etc/group. In this tutorial we will create users in the group users, so we do this: grep /etc/group -e "^root" -e "^users" > etc/group and restart SSH: /etc/init.d/ssh restart ? There is a lot of confusion about that in the forum I guess, please give me/us a hint. Thx so much. p@sco
