CHROOT implemented by ISPconfig

Discussion in 'Feature Requests' started by PermaNoob, Dec 1, 2008.

  1. PermaNoob

    PermaNoob New Member

    That would be cool :cool:
     
  2. till

    till Super Moderator Howtoforge Staff HowtoForge Supporter ISPConfig Developer

    ISPConfig has this function already.
     
  3. PermaNoob

    PermaNoob New Member

    How do I implement it then? -- because users I create can browse the entire directory tree.
     
  4. till

    till Super Moderator Howtoforge Staff HowtoForge Supporter ISPConfig Developer

    1) Install a SSH daemon that is patched for chrooting by following step 2.1 and just this one step from the following tutorial:

    http://www.howtoforge.com/chroot_ssh_sftp_debian_etch

    2) Enable chrooting in the ispconfig config.inc.php file. All new or updated users are now chrooted.
     
  5. newmember

    newmember New Member

    Looking good for me.

    I had to install libpam0g-dev on ubuntu.

    Code:
    apt-get install libpam0g-dev
    then restarted ssh service:

    Code:
    /etc/init.d/ssh restart


    Enjoy..

    For me know all my users can use SFTP.
    They were already using FTPES and FTP.
     
    Last edited: Dec 12, 2008
  6. till

    till Super Moderator Howtoforge Staff HowtoForge Supporter ISPConfig Developer

    Do not edit the password file, ISPConfig will remove your changes. You must enable chrooting in ispconfig as I pointed out above.
     
  7. Norman

    Norman Member HowtoForge Supporter

    Is this chroot safe from jailbreaking?
    There are a couple known approaches to this. Some exploits using procmail for example in one of the chroot guides described which allows someone to break the chroot.
     

Share This Page