HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (http://www.howtoforge.com/forums/index.php)
-   Installation/Configuration (http://www.howtoforge.com/forums/forumdisplay.php?f=16)
-   -   Protecting user directories and admispconfig question (http://www.howtoforge.com/forums/showthread.php?t=13710)

Mr Blek 28th June 2007 18:47

Protecting user directories and admispconfig question
 
What access permissions should be applied to /home/admispconfig

Any user that can access SSH can browse to that directory and read files.

Also, SSH users can browse to the /srv/www/web* directory of any other host and read their files. How can I have this protected by default when the account is created?

Thanks

till 28th June 2007 18:53

There is nothing that a SSH user might see in /home/admispconfig/ that he can not see when he downloads the ISPConfig installer tar.gz, all login information and passwords are protected. You must enable SSH chrooting. Please search the forum for "chroot ssh" for detailed instructions.

Mr Blek 28th June 2007 19:53

Thanks. Didn't realise I'd double posted.

Mr Blek 28th June 2007 21:26

Installed ssh with chroot, followed instructions per debian how to

ISPConfig with chroot off:

web4_admin:x:10004:10004:admin:/srv/www/web4:/bin/bash

ISPConfig with chroot on:

web4_admin:x:10004:10004:admin:/srv/www/web4/./:/bin/bash

When its turned on, the shell exits immediately. What's gone wrong?

falko 29th June 2007 19:18

Any errors in your logs?

Mr Blek 29th June 2007 20:35

None in /var/log/messages

falko 30th June 2007 17:29

And in the other logs, e.g. /var/log/auth.log?

Mr Blek 30th June 2007 19:31

I don't actually have that log file. the ones I can see are:

__________________________________________________ _________
YaST2 evms-engine.log mcelog zmd-backend.log
acpid faillog messages zmd-backend.log-20070627.bz2
apache2 httpd mysqld.log zmd-backend.log-20070629.bz2
apparmor ispconfig_install.log news zmd-backend.log-20070630.bz2
audit krb5 ntp zmd-messages.log
boot.log lastlog scpm zmd-messages.log.2007-06-26
boot.msg mail smpppd zmd-messages.log.2007-06-27
boot.omsg mail.err warn zmd-messages.log.2007-06-28
cups mail.info wtmp zmd-messages.log.2007-06-29
evms-engine.1.log mail.warn xferlog
__________________________________________________ ___________

/var/log/messages was the only place I could find any ssh logging


All times are GMT +2. The time now is 02:57.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.