Temp shell access with expiration

[lbeachmike]

It would be great if a feature could be added so that a user can be granted interim shell access with an expiration so that the admin does not have to rely on remembering to revoke a temporary grant.

For example -

A client's web designer needs shell access for two days to work on a project over a weekend. You'd have another option in the Manage Shell Access screen where you can select and then enter the number of days or hours to grant, and then that access will automatically expire after that amount of time has elapsed.

[cPanelDavidG]

Are there any particular things you're finding people do via shell access repeatedly? I ask because this could be something we could consider for putting inside cPanel and thus further reduce the need for SSH.

For example, some people used to want SSH just to use SFTP, but now we provide SFTP access even to those without SSH (admittedly, it is a very barebones access to their account). Others wanted SSH just so they could upload compressed files and then decompress them, so we added the ability to unzip files right into File Manager. If there's something people are doing via SSH often enough to establish a pattern of "hey, cPanel should add that as a feature" - we'd love to know about it.

[monarobase]

I can think of a few that some already have feature requests for (albeit quite old ones) :

ability to upload from an URL (when installing scripts it's much quicker to do a wget then to download to PC and upload again).

ability to recursivly download files from an external FTP account

ability to reset all chmod recursivly (in our case with suphp set 644 for files and 755 for directories)

ability to use git or another versioning tool

[lbeachmike]

wget is definitely a good idea, but the last user that asked for shell access simply wanted to be able to run scripts interactively to view errors directly. Otherwise, I barely get requests for ssh.

[NetMantis]

This should go without saying but just to point out the obvious ....

Shell access is EXTREMELY dangerous and very much not recommended even in a limited temporary capacity in any kind of shared hosting environment and I can't stress enough the dangers in allowing that even as "jailshell".

I'd strongly recommend steering away from allowing shell access in any capacity unless you can personally vouche for the person who'd you'd be allowing shell access --- if the answer to that would be a "no", I wouldn't recommend allowing it! You are much better of doing for them on their behalf the tasks they want to do.

[lbeachmike]

This should go without saying but just to point out the obvious ....

Shell access is EXTREMELY dangerous and very much not recommended even in a limited temporary capacity in any kind of shared hosting environment and I can't stress enough the dangers in allowing that even as "jailshell".

I'd strongly recommend steering away from allowing shell access in any capacity unless you can personally vouche for the person who'd you'd be allowing shell access --- if the answer to that would be a "no", I wouldn't recommend allowing it! You are much better of doing for them on their behalf the tasks they want to do.

The entire point of this feature request it so minimize the amount of time access is granted for when it must be granted. The risks are clearly understood, but you are not going to erase the need for functionality that grants it, so the best thing we can do is to minimize that access. This feature request works to that goal.