The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

root access from ssh in cpanel

Discussion in 'General Discussion' started by AbeFroman, Feb 21, 2002.

  1. AbeFroman

    AbeFroman BANNED

    Joined:
    Feb 16, 2002
    Messages:
    654
    Likes Received:
    1
    Trophy Points:
    0
    how can i get root access from ssh in cpanel?
     
  2. feanor

    feanor Well-Known Member

    Joined:
    Aug 13, 2001
    Messages:
    836
    Likes Received:
    0
    Trophy Points:
    16
    Inside an end-user's cpanel?
    Impossible.

    Unless you give them access to the wheel group which would be suicidal IMHO- but it's your server.
    For details on that see the &wheel group& option in the left pane of your WHManager.


    good luck.
     
  3. gorgo

    gorgo Well-Known Member

    Joined:
    Jan 9, 2002
    Messages:
    148
    Likes Received:
    0
    Trophy Points:
    16
    Hey Nick, this sounds almost like a feature request, not to have root access from the Customer Cpanel, but include a Java SSH Client to the WHM so people can SSH in from remote locations easily.
     
  4. Domenico

    Domenico Well-Known Member

    Joined:
    Aug 14, 2001
    Messages:
    361
    Likes Received:
    0
    Trophy Points:
    16
    Hmmm, you want something like MindTerm (free)
    http://www.appgate.com/ag.asp?template=products&level1=product_mindterm

    I asked a friend of mine to check if it's safe to use but he said it was NOT safe because he got it hacked within 5 minutes or so.

    His hacking skills are very high (he's top notch and many companies, BIG companies ask for his advice) like he got ROOT acces easily from all those LIVE SUPPORT SYSTEMS while chatting with them. He asks for live support and while initiating the chat he enters, so know you all know such a system is NOT safe either ;-)

    Only a few people have such high hacking skills and he says nothing is safe. Does this mean not to install anything the? No offcourse not but just be carefull and think twice about security. I know many people (webhosters) don't think about it at all.

    Guess who is securing my servers.
    Domenico
     
  5. shaun

    shaun Well-Known Member

    Joined:
    Nov 9, 2001
    Messages:
    698
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    San Clemente, Ca
    Uhh, do you trust your friend not to BS you. Alot of people are just &wanabe hackers& and basically just talk crap. Not saying your friend isnt a &hacker& and all but some people just talk BS.
     
  6. rpmws

    rpmws Well-Known Member

    Joined:
    Aug 14, 2001
    Messages:
    1,824
    Likes Received:
    5
    Trophy Points:
    38
    Location:
    back woods of NC, USA
    [quote:e64e5b48b4][i:e64e5b48b4]Originally posted by Domenico[/i:e64e5b48b4]

    Hmmm, you want something like MindTerm (free)
    http://www.appgate.com/ag.asp?template=products&level1=product_mindterm

    I asked a friend of mine to check if it's safe to use but he said it was NOT safe because he got it hacked within 5 minutes or so.

    His hacking skills are very high (he's top notch and many companies, BIG companies ask for his advice) like he got ROOT acces easily from all those LIVE SUPPORT SYSTEMS while chatting with them. He asks for live support and while initiating the chat he enters, so know you all know such a system is NOT safe either ;-)

    Only a few people have such high hacking skills and he says nothing is safe. Does this mean not to install anything the? No offcourse not but just be carefull and think twice about security. I know many people (webhosters) don't think about it at all.

    Guess who is securing my servers.
    Domenico
    [/quote:e64e5b48b4]

    this is interesting .. lately I get a few clicks on my Live Person chat from my site and the visitor doesn't say a word and then just leaves. Are they grabbing my IP and then sniffing my traffic?
     
  7. gorgo

    gorgo Well-Known Member

    Joined:
    Jan 9, 2002
    Messages:
    148
    Likes Received:
    0
    Trophy Points:
    16
    live Helper applications do not contain your IP Address on the web site...

    Generally how it works is:

    The client clicks a web site icon to bring up live helper, that page calls the live helper server and passes your ID to it, then the server contacts your application and communicates between the 2 accordingly...

    Since live helper uses Javascript to control the conversation, and no actual programming, your IP is not actually there.
     
  8. Domenico

    Domenico Well-Known Member

    Joined:
    Aug 14, 2001
    Messages:
    361
    Likes Received:
    0
    Trophy Points:
    16
    Believe me guys, this hack (live helper and others) is genuine.

    Do I trust him?
    Well, I know him for more then ten years and he has discovered holes through the years that were posted on bugtraq and others a year later. This guy is one of the best! It's black hat turned white...

    This guy (and the others I know too) is for real and yes I do trust him. And what do you think you could do when you didn't? He can jump though the apache setup screen and gain root access while you are at not watching and that's the most easy thing he can do ;-)

    Well, you can read all about the livehelper trick within a year or so... my advice, DON'T USE IT! I know only one person at the moment that can do this. Some of you that know a lot about security and have more than average knowledge can tell that it is possible.

    Anyways, I wanted SSH through cPanel also but after what he showed me I'd better and will not.

    You don't have to believe me offcourse but if I where you I should.
    Oh, I forgot to tell you about the other holes in the system ;-)

    Domenico
     
Loading...

Share This Page