Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > ISPConfig 2 > Feature Requests

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 1st December 2008, 01:50
PermaNoob PermaNoob is offline
Senior Member
 
Join Date: Jan 2007
Posts: 194
Thanks: 12
Thanked 5 Times in 5 Posts
Default CHROOT implemented by ISPconfig

That would be cool
Reply With Quote
Sponsored Links
  #2  
Old 1st December 2008, 19:19
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 35,977
Thanks: 825
Thanked 5,369 Times in 4,216 Posts
Default

ISPConfig has this function already.
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #3  
Old 1st December 2008, 21:13
PermaNoob PermaNoob is offline
Senior Member
 
Join Date: Jan 2007
Posts: 194
Thanks: 12
Thanked 5 Times in 5 Posts
Default

Quote:
Originally Posted by till View Post
ISPConfig has this function already.
How do I implement it then? -- because users I create can browse the entire directory tree.
Reply With Quote
  #4  
Old 2nd December 2008, 09:15
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 35,977
Thanks: 825
Thanked 5,369 Times in 4,216 Posts
Default

1) Install a SSH daemon that is patched for chrooting by following step 2.1 and just this one step from the following tutorial:

http://www.howtoforge.com/chroot_ssh_sftp_debian_etch

2) Enable chrooting in the ispconfig config.inc.php file. All new or updated users are now chrooted.
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #5  
Old 12th December 2008, 01:08
newmember newmember is offline
Junior Member
 
Join Date: Dec 2008
Posts: 19
Thanks: 0
Thanked 1 Time in 1 Post
Default

Looking good for me.

I had to install libpam0g-dev on ubuntu.

Code:
apt-get install libpam0g-dev
then restarted ssh service:

Code:
/etc/init.d/ssh restart


Enjoy..

For me know all my users can use SFTP.
They were already using FTPES and FTP.

Last edited by newmember; 12th December 2008 at 19:22.
Reply With Quote
  #6  
Old 12th December 2008, 07:47
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 35,977
Thanks: 825
Thanked 5,369 Times in 4,216 Posts
Default

Do not edit the password file, ISPConfig will remove your changes. You must enable chrooting in ispconfig as I pointed out above.
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #7  
Old 18th December 2008, 04:19
Norman Norman is offline
HowtoForge Supporter
 
Join Date: May 2006
Posts: 242
Thanks: 0
Thanked 18 Times in 14 Posts
 
Default

Is this chroot safe from jailbreaking?
There are a couple known approaches to this. Some exploits using procmail for example in one of the chroot guides described which allows someone to break the chroot.
__________________
http://www.xh.se
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
ISPConfig 3.0.0.4 Beta Released till General 54 4th March 2009 09:55
cannot access ispconfig site Nu2Linux Installation/Configuration 13 3rd January 2009 15:29
ISPConfig 2.3.1-dev released till General 0 8th May 2006 22:18
SP-Server Setup - Ubuntu 5.10 "Breezy Badger" - Page 6 (changes) LuisC-SM HOWTO-Related Questions 0 21st April 2006 15:16
Users and websites aren't created Glorfindel Installation/Configuration 9 23rd February 2006 04:20


All times are GMT +2. The time now is 00:22.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.