Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > ISPConfig 2 > General

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 18th July 2006, 18:21
ctroyp ctroyp is offline
Senior Member
 
Join Date: Sep 2005
Posts: 292
Thanks: 3
Thanked 2 Times in 1 Post
Default Chrooted functionality?

I have successfully upgraded to version 2.2.5 and just tested the chroot function. I logged in using a non-admin user and was able to access higher levels above the user's jailed directory. I could get all the way up to root. Is this not a security issue? What do I need to do?
Reply With Quote
Sponsored Links
  #2  
Old 18th July 2006, 19:38
till till is online now
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 36,482
Thanks: 835
Thanked 5,524 Times in 4,345 Posts
Default

http://www.howtoforge.com/forums/sho...47&postcount=7
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #3  
Old 18th July 2006, 20:10
ctroyp ctroyp is offline
Senior Member
 
Join Date: Sep 2005
Posts: 292
Thanks: 3
Thanked 2 Times in 1 Post
Default

Excellent!!! Thanks again till!
Reply With Quote
  #4  
Old 18th July 2006, 20:55
ctroyp ctroyp is offline
Senior Member
 
Join Date: Sep 2005
Posts: 292
Thanks: 3
Thanked 2 Times in 1 Post
Default

Hmm, I installed openssh-4.2p1-chroot and followed the remaining commands in step 2 from the tutorial http://www.howtoforge.com/chrooted_ssh_howto_debian , restarted sshd and ISPConfig, but I can still break out of the jailed dir. Any initial ideas?

Btw, this is Fedora Core 4, rather than Debian, but that shouldn't matter I don't think.
Reply With Quote
  #5  
Old 18th July 2006, 23:10
edge edge is offline
Moderator
 
Join Date: Dec 2005
Location: The Netherlands
Posts: 2,037
Thanks: 269
Thanked 154 Times in 133 Posts
Default

I'm having the same problem with an updated server!

When I install ISPconfig on a clean Debian system (I love VMware) it's working fine!

*** Edit ***

I'm wrong.. It's also working on the old system... So I'm not having any problems.. All I needed was a SSH restart

Last edited by edge; 18th July 2006 at 23:26.
Reply With Quote
  #6  
Old 19th July 2006, 08:45
till till is online now
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 36,482
Thanks: 835
Thanked 5,524 Times in 4,345 Posts
Default

Quote:
Originally Posted by ctroyp
Hmm, I installed openssh-4.2p1-chroot and followed the remaining commands in step 2 from the tutorial http://www.howtoforge.com/chrooted_ssh_howto_debian , restarted sshd and ISPConfig, but I can still break out of the jailed dir. Any initial ideas?

Btw, this is Fedora Core 4, rather than Debian, but that shouldn't matter I don't think.
Did you enable SSH chrooting in ISPConfigs config.inc.php file?

Quote:
Then you will have to enable it in ISPConfig in the file config.inc.php, set:

$go_info["server"]["ssh_chroot"] = 1;

The user account will be chrooted for every user with SSH enabled that you create or update.
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #7  
Old 19th July 2006, 13:45
ctroyp ctroyp is offline
Senior Member
 
Join Date: Sep 2005
Posts: 292
Thanks: 3
Thanked 2 Times in 1 Post
Default

Quote:
Originally Posted by till
Did you enable SSH chrooting in ISPConfigs config.inc.php file?
Yes, from /home/admispconfig/ispconfig/scripts/config.inc.php .
Reply With Quote
  #8  
Old 19th July 2006, 14:54
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,745 Times in 2,578 Posts
Default

Did you restart SSH?
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Chrooted SSH HowTo question??? ctroyp HOWTO-Related Questions 86 24th February 2007 15:14
Chrooted SSH HowTo for Fedora Core 4? ctroyp HOWTO-Related Questions 3 26th May 2006 03:00
ssh chrooted unkn0wn Server Operation 16 20th May 2006 11:42
Chrooted SSH linuxuser1 Server Operation 6 18th April 2006 09:09
clamav functionality domino Technical 5 16th February 2006 15:10


All times are GMT +2. The time now is 14:29.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.