The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Is JailShell secure enough?

Discussion in 'General Discussion' started by amard, Jun 6, 2005.

  1. amard

    amard Well-Known Member

    Joined:
    Jan 18, 2003
    Messages:
    100
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Herts, UK
    Hi,

    We're tempted to enable JailShell on all customer accounts, simply because we want customers to start using SFTP rather then FTP.

    Is JailShell secure enough to offer to everyone and are there any down sides?

    Is it possible to allow just SFTP access without enabling JailShell on a CPanel server?

    Thanks

    :)
     
  2. Aric1

    Aric1 Well-Known Member

    Joined:
    Oct 15, 2003
    Messages:
    324
    Likes Received:
    0
    Trophy Points:
    16
    cPanel Access Level:
    DataCenter Provider
    SFTP requires SSH access to work.

    While you could hide the SSH icon from users CPANELs to make it less obvious, I'm sure it will be quite clear to at least some of your users that enabling SFTP also means they have SSH access.

    Jailshell will restrict access so your users will find it more difficult to exploit your server using it, but even jailshell isn't foolproof.

    In my mind the shell access for all users is more of a security concern than users using standard FTP, but it's up to you.
     
  3. sawbuck

    sawbuck Well-Known Member

    Joined:
    Jan 18, 2004
    Messages:
    1,367
    Likes Received:
    5
    Trophy Points:
    38
    cPanel Access Level:
    Root Administrator
  4. xvihost

    xvihost Active Member

    Joined:
    Sep 8, 2005
    Messages:
    33
    Likes Received:
    0
    Trophy Points:
    6
    This method of enabling shell access and then changing the account using usermod does not seem to be working anymore?

    Using
    WHM 10.6.0 cPanel 10.6.0-R158
    CentOS 4.1 i686 - WHM X v3.1.0

    After running the usermod command I cannot seem to SSH to the server at all. Password authentication fails. Is there something I need to do after or before running the usermod command after enabling shell access for the user?

    Thanks in advance,
    Tom
     
Loading...

Share This Page