Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > ISPConfig 2 > General

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 18th July 2006, 17:21
ctroyp ctroyp is offline
Senior Member
 
Join Date: Sep 2005
Posts: 292
Thanks: 3
Thanked 2 Times in 1 Post
Default Chrooted functionality?

I have successfully upgraded to version 2.2.5 and just tested the chroot function. I logged in using a non-admin user and was able to access higher levels above the user's jailed directory. I could get all the way up to root. Is this not a security issue? What do I need to do?
Reply With Quote
Sponsored Links
  #2  
Old 18th July 2006, 18:38
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 35,478
Thanks: 813
Thanked 5,255 Times in 4,121 Posts
Default

http://www.howtoforge.com/forums/sho...47&postcount=7
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #3  
Old 18th July 2006, 19:10
ctroyp ctroyp is offline
Senior Member
 
Join Date: Sep 2005
Posts: 292
Thanks: 3
Thanked 2 Times in 1 Post
Default

Excellent!!! Thanks again till!
Reply With Quote
  #4  
Old 18th July 2006, 19:55
ctroyp ctroyp is offline
Senior Member
 
Join Date: Sep 2005
Posts: 292
Thanks: 3
Thanked 2 Times in 1 Post
Default

Hmm, I installed openssh-4.2p1-chroot and followed the remaining commands in step 2 from the tutorial http://www.howtoforge.com/chrooted_ssh_howto_debian , restarted sshd and ISPConfig, but I can still break out of the jailed dir. Any initial ideas?

Btw, this is Fedora Core 4, rather than Debian, but that shouldn't matter I don't think.
Reply With Quote
  #5  
Old 18th July 2006, 22:10
edge edge is offline
Moderator
 
Join Date: Dec 2005
Location: The Netherlands
Posts: 2,033
Thanks: 261
Thanked 150 Times in 130 Posts
Default

I'm having the same problem with an updated server!

When I install ISPconfig on a clean Debian system (I love VMware) it's working fine!

*** Edit ***

I'm wrong.. It's also working on the old system... So I'm not having any problems.. All I needed was a SSH restart

Last edited by edge; 18th July 2006 at 22:26.
Reply With Quote
  #6  
Old 19th July 2006, 07:45
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 35,478
Thanks: 813
Thanked 5,255 Times in 4,121 Posts
Default

Quote:
Originally Posted by ctroyp
Hmm, I installed openssh-4.2p1-chroot and followed the remaining commands in step 2 from the tutorial http://www.howtoforge.com/chrooted_ssh_howto_debian , restarted sshd and ISPConfig, but I can still break out of the jailed dir. Any initial ideas?

Btw, this is Fedora Core 4, rather than Debian, but that shouldn't matter I don't think.
Did you enable SSH chrooting in ISPConfigs config.inc.php file?

Quote:
Then you will have to enable it in ISPConfig in the file config.inc.php, set:

$go_info["server"]["ssh_chroot"] = 1;

The user account will be chrooted for every user with SSH enabled that you create or update.
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #7  
Old 19th July 2006, 12:45
ctroyp ctroyp is offline
Senior Member
 
Join Date: Sep 2005
Posts: 292
Thanks: 3
Thanked 2 Times in 1 Post
Default

Quote:
Originally Posted by till
Did you enable SSH chrooting in ISPConfigs config.inc.php file?
Yes, from /home/admispconfig/ispconfig/scripts/config.inc.php .
Reply With Quote
  #8  
Old 19th July 2006, 13:54
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,735 Times in 2,571 Posts
Default

Did you restart SSH?
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Chrooted SSH HowTo question??? ctroyp HOWTO-Related Questions 86 24th February 2007 14:14
Chrooted SSH HowTo for Fedora Core 4? ctroyp HOWTO-Related Questions 3 26th May 2006 02:00
ssh chrooted unkn0wn Server Operation 16 20th May 2006 10:42
Chrooted SSH linuxuser1 Server Operation 6 18th April 2006 08:09
clamav functionality domino Technical 5 16th February 2006 14:10


All times are GMT +2. The time now is 01:35.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.