CHROOT implemented by ISPconfig

Discussion in 'Feature Requests' started by PermaNoob, Dec 1, 2008.

  1. PermaNoob

    PermaNoob New Member

    That would be cool :cool:
     
  2. till

    till Super Moderator

    ISPConfig has this function already.
     
  3. PermaNoob

    PermaNoob New Member

    How do I implement it then? -- because users I create can browse the entire directory tree.
     
  4. till

    till Super Moderator

    1) Install a SSH daemon that is patched for chrooting by following step 2.1 and just this one step from the following tutorial:

    http://www.howtoforge.com/chroot_ssh_sftp_debian_etch

    2) Enable chrooting in the ispconfig config.inc.php file. All new or updated users are now chrooted.
     
  5. newmember

    newmember New Member

    Looking good for me.

    I had to install libpam0g-dev on ubuntu.

    Code:
    apt-get install libpam0g-dev
    then restarted ssh service:

    Code:
    /etc/init.d/ssh restart


    Enjoy..

    For me know all my users can use SFTP.
    They were already using FTPES and FTP.
     
    Last edited: Dec 12, 2008
  6. till

    till Super Moderator

    Do not edit the password file, ISPConfig will remove your changes. You must enable chrooting in ispconfig as I pointed out above.
     
  7. Norman

    Norman HowtoForge Supporter

    Is this chroot safe from jailbreaking?
    There are a couple known approaches to this. Some exploits using procmail for example in one of the chroot guides described which allows someone to break the chroot.
     

Share This Page