The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Need some help and info for sftp-server

Discussion in 'General Discussion' started by yamaharr1, Apr 10, 2009.

  1. yamaharr1

    yamaharr1 Well-Known Member

    Joined:
    Jun 22, 2007
    Messages:
    91
    Likes Received:
    0
    Trophy Points:
    6
    I have a couple of users entering in through the sftp-server and wanted to know if this is something I should be worried about? Should (if it even can be) the sftp-server be shut down?

    When I do
    pic /etc/passwd | grep user

    It returns
    /home/user:/usr/local/cpanel/bin/noshel

    From some of the searches I have done the noshell is a bad thing, how do I change it? And to what?

    I do allow some accounts to have SSH access and I do have those accounts set as jailshell through WHM but the account in the example above does not have SSH allowed.

    Basically any information anyone is willing to provide is greatly appreciated.

    cPanel 11.24.4-C35075 - WHM 11.24.2 - X 3.9
    CENTOS 5.2 i686 standard on server
     
  2. yamaharr1

    yamaharr1 Well-Known Member

    Joined:
    Jun 22, 2007
    Messages:
    91
    Likes Received:
    0
    Trophy Points:
    6
    I have tried an old command I think and now it has given me a failed so it is something stupid on my part, if anyone knows how I can reverse it.

    I issued the command: ln -s /bin/false /usr/libexec/openssh/sftp-server and once I went to restart the SSH it has now failed, any ideas on reversing this would also be appreciated :)
     
  3. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    14,446
    Likes Received:
    195
    Trophy Points:
    63
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    As long as it's one of your users, not to worry too much I don't think.

    If you login to a cPanel account and click the FTP accounts icon, half way down that page you'll see the user account name, type, and so on. Under the Functions section that icon titled "Configure FTP Client" if you click that you'll be taken to a page that lists SFTP connection port number for your users to use for SFTP.


    This should help.

    http://www.google.com/search?hl=en&q=remove+symbolic+link+to+file
     
  4. yamaharr1

    yamaharr1 Well-Known Member

    Joined:
    Jun 22, 2007
    Messages:
    91
    Likes Received:
    0
    Trophy Points:
    6
    Thanks infopro but the information you have provided is to check the sftp info, I already no that.

    I am more worried about the users "noshel" on the sftp

    Also a link to Google hmmm not exactly the best solution now is it;( I have done some searches on Google and also through your link and many say delete the file, doesn't sound right to me.

    Thanks anyway.
     
  5. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    14,446
    Likes Received:
    195
    Trophy Points:
    63
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    I'm not sure I'm understanding you. You asked about some users using SFTP, and I explained (something you already knew) how I thought they are doing it. Because the Info is there for them to use, now.

    Why not? Did you just want a command to run without knowing what you are doing? Reading up on how to remove a simlink before doing so is surely better, don't you think?

    The one you posted that you ran didn't work out so well for you.
    ln -s /bin/false /usr/libexec/openssh/sftp-server

    And your SSH doesn't start now.
    You asked how to reverse it. Removing the simlink is how you'd reverse it.


    There are several threads on the forums that may help if disabling SFTP is what you want to do.
    http://forums.cpanel.net/showthread.php?t=83169&highlight=disable+SFTP
    http://forums.cpanel.net/showthread.php?t=50874&highlight=disable+SFTP

    But that's not what you asked about. I don't think.

    Sorry I couldn't help.
     
  6. yamaharr1

    yamaharr1 Well-Known Member

    Joined:
    Jun 22, 2007
    Messages:
    91
    Likes Received:
    0
    Trophy Points:
    6
    Hello infopro,

    OK, I get your responses now.

    I was fine with this response but also was looking for info if users thought this was safe or not, I have read through the forums and seen conflicting information and was looking for clarification because some of the posts were old.

    Yes I did, as the SSH was down and going to Google to study with a down system well is a bit time consuming. I was doing my own studying and what was said just didn't make sense so the command is what I was after to fix it and then I could have learned more about it when there wasn't so much pressure.


    Yes I got that but what they say is delete the file, hmmm I f- up once but to go in and delete a file without knowing just seems wrong to me especially when the file has so much info in it. But I do not know and some of the information is rather confusing that is why I had posted it here hoping for better defined information.

    The links you have added thank you I will review them and see if I can get it through my head what to do.

    Thanks again as you are always helpful.
     
  7. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    14,446
    Likes Received:
    195
    Trophy Points:
    63
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    Not really I don't think, but I continue to try anyway. (and take a beating at times for that)

    It's how I learn things along the way. If someone asks something that's not so complex I like to dig for the answer myself to find out more, then share it in the hopes it helps another somehow.

    What I go by myself is, if in doubt, rename the file instead of deleting it. If something breaks you can hopefully get back in and rename it back again. I'm also a big fan of CSE. http://www.configserver.com/cp/cse.html

    I am sure there are posts here on these forums that'll help you with specific commands if that's all you want. Me, I like to read multiple sources and come to a conclusion from the sum of those sources found. (via these forums search and google)

    And is why I gave you the google link and not just a command. I don't want to be the one that gave you some Info that hoses your server.
     
Loading...

Share This Page