Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

User Accessing via SSH Despite....

Discussion in 'General Discussion' started by TitaniumHosting, May 11, 2006.

  1. TitaniumHosting

    TitaniumHosting Well-Known Member

    Joined:
    Dec 11, 2004
    Messages:
    157
    Likes Received:
    0
    Trophy Points:
    166
    Location:
    Ireland
    Ok,
    According to some logs, one of our clients, a reseller, is accessing their account via SSH, despite it being disabled in WHM root. Is this possible? And, if so, what can be done to prevent it, and how are they doing it?

    Thanks,
    Dan.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  2. rootsupport

    rootsupport Member

    Joined:
    May 2, 2006
    Messages:
    18
    Likes Received:
    0
    Trophy Points:
    151
    Location:
    India
    If you could paste the logs here that would be helpful.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. AndyReed

    AndyReed Well-Known Member
    PartnerNOC

    Joined:
    May 29, 2004
    Messages:
    2,222
    Likes Received:
    4
    Trophy Points:
    193
    Location:
    Minneapolis, MN
    Yes, it is possible, if that reseller knows Linux very well. The best way, in this cae, to prevent any body from accessing your server are:
    1) Activate /etc/host.allow and /etc/host.deny
    Unless you add the IP of a client, otherwise they won't be able to SSH to your server

    2) Do NOT enable shell access, normal and/or jailshell to any of your clients.

    3) Add a user on top of your root to access shell. That means you'll login as a user (let's say admin) and then you can su to root.

    Hope this helps!
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  4. lloyd_tennison

    lloyd_tennison Well-Known Member

    Joined:
    Mar 12, 2004
    Messages:
    698
    Likes Received:
    1
    Trophy Points:
    168
    A real simple hack to to just change the port number to one they do not know. It would take a ling time to check and find it...
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice