The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

WinSCP able to access when others are not

Discussion in 'General Discussion' started by kenhawkins, Mar 22, 2007.

  1. kenhawkins

    kenhawkins Member

    Joined:
    Jan 12, 2007
    Messages:
    5
    Likes Received:
    0
    Trophy Points:
    1
    Ok this is a bit strange all shell access has been shut off to users as well ftp except in one user instance. yet when someone uses a WinSCP client they can scp right in and copy/download away.:eek:

    Has anyone else encountered something like this? Is there a configuration somewhere that I have missed in securing up the box?

    further notes:

    passwd file for the users are;
    /sbin/nologin for the shell

    and as a precaution sshd_config has;
    # override default of no subsystems
    #Subsystem sftp /usr/libexec/openssh/sftp-server

    and somehow they are still able to get in...

    thanks,
    ken;
     
    #1 kenhawkins, Mar 22, 2007
    Last edited: Mar 22, 2007
  2. t9clkclnr

    t9clkclnr Well-Known Member

    Joined:
    Jun 11, 2004
    Messages:
    254
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Southern California
    did they setup a key?

    maybe they using a key to get in and not having to enter a password? Not sure that would bypass nologin flags.

    sounds kind of scary regardless.
     
Loading...

Share This Page