[windows2000] Re: Sshwindows
- From: "Jon Spriggs" <jon@xxxxxxxxxxxxxx>
- To: windows2000@xxxxxxxxxxxxx
- Date: Tue, 26 Jun 2007 12:02:23 +0100
Hi Sorin,
I see you've already asked on the list I was going to recommend!
I can strongly recommend using COPSSH[1] rather than SSHWindows... the
SSHWindows project seemed to have stalled, whereas CopSSH is an active
project (partially because I've contributed to it). I can't see a CHROOT
Jail patch having been committed to this project, but I've found the author
of the project was very amenable to making changes.
Regards,
Jon
[1] http://www.itefix.no
On 25/06/07, Sorin Srbu <sorin.srbu@xxxxxxxxxxxxx> wrote:
Hi all,
Anybody using this "mini-cygwin" ssh implementation for windows;
http://sourceforge.net/projects/sshwindows? Have a problem with it...
I installed ssh for windows on a win2k3 sp2 DC and it seems to work as
expected.
Using WinSCP to access the ssh server works excellent also.
Only problem is that when I login with a test domain user-account (which
has
no real priv's on the domain except for the home-folder which is a upload
shared folder on the DFS for a number of people) this user can access and
see
all the files in <c:\program files\openssh> including the passwd-file.
I don't feel this is a good idea. Any hints on as how to solve this? I
tried
to remove list ntfs-rights and so on to the whole openssh-folder, but this
only resulted in my test-account couldn't login at all.
I then reset the rights as they were before, but removed all
non-priviliegied
account rights to the etc-folder. This seems to work and the user is not
allowed to view the passwd and all files in the etc-folder.
Next I tried the same thing with the bin-folder in order to disallow use
of
makepasswd.exe and makegroup.exe, but this again disabled login of my
test-account.
So, currently I'm stuck with a no-access etc-folder for regular users,
which I
think is a really ugly way to do things.
Is there some other cleaner way to disallow access to "normal" users when
they
click the "/" in WinSCP?
TIA.
--
BW,
Sorin
# Sorin Srbu, Systems Engineer Web: http://www.orgfarm.uu.se
# Dept of Medicinal Chemistry, Phone: +46 (0)18-4714482 >3 signals> GSM
# Div of Org Pharm Chem, Mobile: +46 (0)701-718023
# Box 574, Uppsala University, Fax: +46 (0)18-4714482
# SE-751 23 Uppsala, Sweden Visit: BMC, Husargatan 3, D5:512b
#
# () ASCII ribbon campaign - Against html E-mail
# /\
#
# Harmless tagline follows:
#
# Some things Man was never meant to know. For everything else, there's
Google.
*****************************
New Site from The Kenzig Group!
Windows Vista Links, list options
and info are available at:
http://www.VistaPop.com
*****************************
To Unsubscribe, set digest or vacation
mode or view archives use the below link.
http://thethin.net/win2000list.cfm
--
Jon Spriggs LPIC-1 Certified
hackerkey
.com://v4sw6BHUhw5ln3pr5$ck4ma3u7L$w5TUX$m5l7ADFKLRSU$i852Ne5t5BGRSb8AGKMOPTen6a2Xs0Ir5p-
2.88/0g5CMT
Other related posts:
