Need some help and info for sftp-server

[yamaharr1]

I have a couple of users entering in through the sftp-server and wanted to know if this is something I should be worried about? Should (if it even can be) the sftp-server be shut down?

When I do
pic /etc/passwd | grep user

It returns
/home/user:/usr/local/cpanel/bin/noshel

From some of the searches I have done the noshell is a bad thing, how do I change it? And to what?

I do allow some accounts to have SSH access and I do have those accounts set as jailshell through WHM but the account in the example above does not have SSH allowed.

Basically any information anyone is willing to provide is greatly appreciated.

cPanel 11.24.4-C35075 - WHM 11.24.2 - X 3.9
CENTOS 5.2 i686 standard on server

[yamaharr1]

I have tried an old command I think and now it has given me a failed so it is something stupid on my part, if anyone knows how I can reverse it.

I issued the command: ln -s /bin/false /usr/libexec/openssh/sftp-server and once I went to restart the SSH it has now failed, any ideas on reversing this would also be appreciated

[Infopro]

I have a couple of users entering in through the sftp-server and wanted to know if this is something I should be worried about? Should (if it even can be) the sftp-server be shut down?

[snipped]

As long as it's one of your users, not to worry too much I don't think.

If you login to a cPanel account and click the FTP accounts icon, half way down that page you'll see the user account name, type, and so on. Under the Functions section that icon titled "Configure FTP Client" if you click that you'll be taken to a page that lists SFTP connection port number for your users to use for SFTP.

I issued the command: ln -s /bin/false /usr/libexec/openssh/sftp-server and once I went to restart the SSH it has now failed, any ideas on reversing this would also be appreciated

This should help.

http://www.google.com/search?hl=en&q...c+link+to+file

[yamaharr1]

Thanks infopro but the information you have provided is to check the sftp info, I already no that.

I am more worried about the users "noshel" on the sftp

Also a link to Google hmmm not exactly the best solution now is it;( I have done some searches on Google and also through your link and many say delete the file, doesn't sound right to me.

Thanks anyway.

[Infopro]

Thanks infopro but the information you have provided is to check the sftp info, I already no that.

I am more worried about the users "noshel" on the sftp

I'm not sure I'm understanding you. You asked about some users using SFTP, and I explained (something you already knew) how I thought they are doing it. Because the Info is there for them to use, now.

Also a link to Google hmmm not exactly the best solution now is it;

Why not? Did you just want a command to run without knowing what you are doing? Reading up on how to remove a simlink before doing so is surely better, don't you think?

( I have done some searches on Google and also through your link and many say delete the file, doesn't sound right to me.

Thanks anyway.

The one you posted that you ran didn't work out so well for you.
ln -s /bin/false /usr/libexec/openssh/sftp-server

And your SSH doesn't start now.
You asked how to reverse it. Removing the simlink is how you'd reverse it.


There are several threads on the forums that may help if disabling SFTP is what you want to do.
http://forums.cpanel.net/showthread....t=disable+SFTP
http://forums.cpanel.net/showthread....t=disable+SFTP

But that's not what you asked about. I don't think.

Sorry I couldn't help.

[yamaharr1]

Hello infopro,

OK, I get your responses now.

I'm not sure I'm understanding you. You asked about some users using SFTP, and I explained (something you already knew) how I thought they are doing it. Because the Info is there for them to use, now.

I was fine with this response but also was looking for info if users thought this was safe or not, I have read through the forums and seen conflicting information and was looking for clarification because some of the posts were old.

Why not? Did you just want a command to run without knowing what you are doing? Reading up on how to remove a simlink before doing so is surely better, don't you think?

Yes I did, as the SSH was down and going to Google to study with a down system well is a bit time consuming. I was doing my own studying and what was said just didn't make sense so the command is what I was after to fix it and then I could have learned more about it when there wasn't so much pressure.

The one you posted that you ran didn't work out so well for you.
ln -s /bin/false /usr/libexec/openssh/sftp-server

And your SSH doesn't start now.
You asked how to reverse it. Removing the simlink is how you'd reverse it.

Yes I got that but what they say is delete the file, hmmm I f- up once but to go in and delete a file without knowing just seems wrong to me especially when the file has so much info in it. But I do not know and some of the information is rather confusing that is why I had posted it here hoping for better defined information.

The links you have added thank you I will review them and see if I can get it through my head what to do.

Thanks again as you are always helpful.

[Infopro]

Thanks again as you are always helpful.

Not really I don't think, but I continue to try anyway. (and take a beating at times for that)

It's how I learn things along the way. If someone asks something that's not so complex I like to dig for the answer myself to find out more, then share it in the hopes it helps another somehow.

What I go by myself is, if in doubt, rename the file instead of deleting it. If something breaks you can hopefully get back in and rename it back again. I'm also a big fan of CSE. http://www.configserver.com/cp/cse.html

I am sure there are posts here on these forums that'll help you with specific commands if that's all you want. Me, I like to read multiple sources and come to a conclusion from the sum of those sources found. (via these forums search and google)

And is why I gave you the google link and not just a command. I don't want to be the one that gave you some Info that hoses your server.