#1  
Old 17th May 2007, 20:41
mrdek11 mrdek11 is offline
Junior Member
 
Join Date: Feb 2007
Posts: 20
Thanks: 0
Thanked 0 Times in 0 Posts
Default Hiding other client's files

Hi, on my registrar's host, you can FTP/SSH to the server, and only see system files, and your own files... Is there a way to do this with ispconfig?
Such as, if you're logged on as web3_derek, you cannot see web1's files, or web2's files, etc...? I want to allow users to log in via FTP or SSH and still only be able to see their own files.
Thanks!
Reply With Quote
Sponsored Links
  #2  
Old 17th May 2007, 21:09
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 36,421
Thanks: 834
Thanked 5,500 Times in 4,329 Posts
Default

FTP: Enable chrooting to the users home directory in your proftpd.conf file.

SSH: Compile your SSH server to support chrooting and then enable chrooting for SSH in ISPConfig.
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #3  
Old 17th May 2007, 22:57
mrdek11 mrdek11 is offline
Junior Member
 
Join Date: Feb 2007
Posts: 20
Thanks: 0
Thanked 0 Times in 0 Posts
Default

Hi, I've looked into chrooting, and can't get it to work. How can I automatically make it so all users except root can only see their /var/www/web# directory, and its subdirecotires?
My users connect via an ftp program (most use WinSCP), and I'd like to keep them locked inside their files, so they cant see other client's sources etc.
They connect to my proftpd server I believe, whatever is on port 22.
I used the dapper drake perfect setup. Is there a way to automaticlly lock all users to their directory, except for root?
Thanks!
Reply With Quote
  #4  
Old 17th May 2007, 23:24
mrdek11 mrdek11 is offline
Junior Member
 
Join Date: Feb 2007
Posts: 20
Thanks: 0
Thanked 0 Times in 0 Posts
Default

I just tried the chroot SSH howto, and it doesn't work.
http://www.howtoforge.com/chrooted_ssh_howto_debian

When I get to the part where I do this:
APPS="/bin/bash /bin/ls /bin/mkdir /bin/mv /bin/pwd /bin/rm /usr/bin/id /usr/bin/ssh /bin/ping /usr/bin/dircolors"
for prog in $APPS; do
cp $prog ./$prog

# obtain a list of related libraries
ldd $prog > /dev/null
if [ "$?" = 0 ] ; then
LIBS=`ldd $prog | awk '{ print $3 }'`
for l in $LIBS; do
mkdir -p ./`dirname $l` > /dev/null 2>&1
cp $l ./$l
done
fi
done

It returns:

cp: cannot stat `(0xffffe000)': No such file or directory
cp: cannot stat `(0xffffe000)': No such file or directory
cp: cannot stat `(0xffffe000)': No such file or directory
cp: cannot stat `(0xffffe000)': No such file or directory
cp: cannot stat `(0xffffe000)': No such file or directory
cp: cannot stat `(0xffffe000)': No such file or directory
cp: cannot stat `(0xffffe000)': No such file or directory
cp: cannot stat `(0xffffe000)': No such file or directory
cp: cannot stat `(0xffffe000)': No such file or directory
cp: cannot stat `(0xffffe000)': No such file or directory





And the chrooting doesn't work. Also, if somebody can help me, and I get it working, how would I make ispconfig auto-chroot the user to their directory? Thanks!
Reply With Quote
  #5  
Old 18th May 2007, 09:43
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 36,421
Thanks: 834
Thanked 5,500 Times in 4,329 Posts
Default

You do not have to run the ssh chrooting script as this is all handled by ISPConfig. Just enable chrooting in /home/admispconfig/ispconfig/lib/config.inc.php and every new or updated user will be chrooted when your SSH daemon supports chrooting.
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #6  
Old 18th May 2007, 19:03
mrdek11 mrdek11 is offline
Junior Member
 
Join Date: Feb 2007
Posts: 20
Thanks: 0
Thanked 0 Times in 0 Posts
Default

Why did you tell me I needed to recompile my ssh to enable chrooting if ispconfig handles it?

Also, I enabled it in that conf file, and nothing happened. I added/updated my users and they can still see the entire system.
Reply With Quote
  #7  
Old 18th May 2007, 21:05
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 36,421
Thanks: 834
Thanked 5,500 Times in 4,329 Posts
Default

Quote:
Originally Posted by mrdek11
Why did you tell me I needed to recompile my ssh to enable chrooting if ispconfig handles it?
Becuse you first have to recompile SSH before you can enable it in ISPConfig.
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #8  
Old 18th May 2007, 21:57
mrdek11 mrdek11 is offline
Junior Member
 
Join Date: Feb 2007
Posts: 20
Thanks: 0
Thanked 0 Times in 0 Posts
Default

Alright... How would I go about doing that? I thought thats what I was doing in the chroot ssh howto..
Reply With Quote
  #9  
Old 19th May 2007, 11:03
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 36,421
Thanks: 834
Thanked 5,500 Times in 4,329 Posts
 
Default

1) Recompile SSH as described in the howto. What you did above and what caused you the error is that you tried to chroot a user account manually.

2) Enable chrooting in ISPConfig and make sure that you restarted your SSH server.

3) Update a user account or create a new one. Then check if a dot has been inserted in the home path of the user in /etc/passwd.
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Duplicate folderes containing different files gwatts Technical 0 10th May 2007 16:59
pure-ftp woes d3th_n1gG4 Server Operation 4 24th January 2007 13:11
Network questions regarding Ubuntu Server lubod Installation/Configuration 7 3rd January 2007 18:53
Cant see my files on my ftp (vsftp) Malarie Installation/Configuration 1 1st December 2006 17:34
Hiding "users" the clients should not edit themselves jokuleo Installation/Configuration 1 15th March 2006 17:39


All times are GMT +2. The time now is 11:46.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.