[Linux-Discussion] Re: can I give a user ssh perms and still have em chrooted?
- From: "David Bruce Jr" <dbartbruce@xxxxxxxx>
- To: <linux-discussion@xxxxxxxxxxxxx>
- Date: Wed, 5 Dec 2001 14:12:09 -0500
rpm -qa says I have this version:
openssh-2.9p2-1
(sercureCRT is so cool...all I had to do was do a windows-ish
Find and I found it without any messy grep stuff)
duh...I shoulda known it would be in /etc
cd /etc/ssh
cat ssh_config showed me this:
# Host *
# ForwardAgent no
# ForwardX11 no
# RhostsAuthentication no
# RhostsRSAAuthentication yes
# RSAAuthentication yes
# PasswordAuthentication yes
# FallBackToRsh no
# UseRsh no
# BatchMode no
# CheckHostIP yes
# StrictHostKeyChecking yes
# IdentityFile ~/.ssh/identity
# IdentityFile ~/.ssh/id_dsa
# IdentityFile ~/.ssh/id_rsa
# Port 22
Protocol 2,1
# Cipher blowfish
# EscapeChar ~
don't see where there is any chroot option
HOWever...I did take a peek at webmin
(I know, I know..I've got SSL enabled correctly on it)
I found that my server's interface/control panel did not
give the user a shell...
I gave em bash within webmin useradmin
presto chango...they can ssh in now
and they can look around outside thier /home
but don't have permissions to do write to files...
hmm, now I'm worried about the cgi-bin files that have
777 perms
but they can get into thier dir now
thanks
I feel like I did back in '99 when win95 was new to me
David
----- Original Message -----
From: "John Madden" <jmadden@xxxxxxxxxxxxx>
To: <linux-discussion@xxxxxxxxxxxxx>
Sent: Wednesday, December 05, 2001 1:13 PM
Subject: [Linux-Discussion] Re: [Linux-Discussion] can I give a user ssh
perms and still have em chrooted?
>
> > Does giving a user telnet permissions have anything to do
> > with giving them ssh permissions?
>
> Yeah, permission-wise, they're the same thing. When you add a user to the
> system, they can telnet, ftp, ssh, etc., provided those services are
> available and configured correctly.
>
> > I think there is a ssh server...is there an ssh.conf or something
> > similar?
>
> Well make sure it's up to date first, don't just go opening ports
> willy-nilly. Everything for ssh should be in /etc/ssh or /etc/ssh2,
> depending on what vendor you're using.
>
> > I want to give a user ssh perms and NOT give em access to root
> > can they be chrooted?
>
> No user has "access to root" unless a) the box is compromised or b) you
give
> them the root password.
>
> John
>
>
>
>
>
> --
> John Madden
> UNIX Systems Engineer
> Ivy Tech State College
> jmadden@xxxxxxxxxxxxx
>
>
>
>
Other related posts:
