Lock users into their /home dir
Hello,
I am having trouble locking users into their own directory's so they are unable to browse through the server.
I only want the user to be able to browse their own files, not anything on the server.
Is there anyway to set this up? (tried google'ing it, no luck)
Cheers,
Piers
Why do you think they are browsing the entire server? The only way this is possible by providing root access to each account.
Perhaps you are logging into a cpanel with root password and seeing the dropdown list for all domains?
Sorry, I should have been clearer on my previous post. When a user logs into their account via FTP, they are able to go "up a level" and browse all the dir's apart from other users, but they can see files on the server. I would like to lock users to their own directorys so they are unable to go "up a level" etc.
I have tried this from different account types only using their details to login, not the root login.
Thanks
Piers.
Last edited by nurvox; 06-03-2007 at 03:56 AM.
Did you log through FTP or through SFTP ? What you're describing looks more like SFTP...
Hi, thank you for the fast reply.
I think it was SFTP, port 21 wouldnt work for some reason so i tried 22, would this make it sftp?
Thanks,
Piers
ps: sorry for my ignorance.
Yes, port 22 is the default SSH port.
Default cpanel shell now gives SFTP access, even when the user doesn't have shell access.
FTP is chrooted to the /home/user/ folder only, SFTP is jailshelled and has more access. If your server is properly secured, this shouldn't be a problem.
Thank you again for a fast reply,
The server is secure (hopefuly), users should be using port 21 to access their ftp's shouldnt they?
Thank you,
Piers
FTP default port is 21 and SSH (SFTP) is 22.
If you don't want your customers to use SFTP, you can change the SSH port in /etc/ssh/ssh_config (don't forget to open the new port in your firewall if you have one).
This is the easiest way to prevent SFTP access, the most efficient being to disable password authentication and allow pubkey only authentication.
How can i disable password authentication and allow pubkey only authentication? I think that is the best option.
Thanks,
Piers
It shouldn't really matter if they can go up a level because it's only the files and directories that are relevant to their account that they will see.
They should drop into /home anyway and then go to public_html to do whatever they need to.
Our Website: http://www.enethosts.co.uk
Premium Value Server Management: Click Here
Our Off Network Support Services: Click Here
Our Webdesign Services: Click Here
Our Hosting Services: Click Here
VPS/VDS Hosting, Super Cheap, Below Competitive Prices and cPanel Virtuozzo: Click Here - You Won't Find A Better Deal!
In Your WHM >> Security Center >> SSH Password Auth Tweak
You can create and manage the keys in WHM >> Manage SSH Keys
Do take Yapluka's advice and change your ssh port at the very least.
thanks for the help.
looking into these key thing atm, although getting a bit confused.
LinkBack URL
About LinkBacks
Reply With Quote