Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Advertise on LowEndTalk.com
SFTP chroot on hosting environment with openssh
New on LowEndTalk? Please read our 'Community Rules' by clicking on it in the right menu!

SFTP chroot on hosting environment with openssh

Hello Everyone,
I'm newbie in business, Just start my own web hosting service (with website package).
We uses Virtualmin as hosting control panel, and found any ssh user can access other user folder even root/system level folders.

The problem is now I'm removed sftp access for all user by removing subserver-sftp and user asking for sftp access. Is this possible to chroot sftp (like ftp) ?? Please help me.

Do you think SFTP is more secure then FTP
  1. Yes, SFTP is very Secure4 votes
    1. No. FTP is more secure
        0.00%
    2. Both are Same
      100.00%

Hire me for Server setup and maintenance, Web Designing or WordPress setup at: midfold.com.

Visit my Personal website to know more about me: rohitagarwal.midfold.com.

Comments

  • We have precisely a storage solution working with a bunch of protocols.

    A solution we propose is to mount the storage space via sshfs, use MySecureShell, a sFTP server based upon OpenSSH than will allow you to 'chroot' your users so one cannot see the others' directories.

    Hope it can help ! :)

  • Thanks @sdes, I'm going to try this with my test server, As we uses mini server with 3gb physical RAM. I have to see the CPU and RAM uses. Hope it will work. :-)

    Hire me for Server setup and maintenance, Web Designing or WordPress setup at: midfold.com.

    Visit my Personal website to know more about me: rohitagarwal.midfold.com.

  • FTPS with enforced SSL/TLS is an alternative. proftpd does it nicely along with chrooting users.

  • outanceoutance Member without signature

    Just provide virtualmin ftp access to user as alternative. MySecureShell is GUI based service so It required more then 100mb RAM and CPU process on server.

    Changed to @aceance

    Hire Aceance to fulfill your website Designing & server maintenance needs.

  • internal-sftp supports chroot. And you already have it, since it's part of sshd

  • @marrco, can you provide me any tutorial link, how to enable chroot for sftp.. As i will use server for shared hosting, so its hard to maintain sftp permission manually.

    Hire me for Server setup and maintenance, Web Designing or WordPress setup at: midfold.com.

    Visit my Personal website to know more about me: rohitagarwal.midfold.com.

  • @rohitpoint good luck with your web hosting business. Here's an old tutorial: http://www.howtoforge.com/restricting-users-to-sftp-plus-setting-up-chrooted-ssh-sftp-debian-squeeze
    and don't forget to learn how to use umask, per site open_basedir limits and basic php security if you don't want your user to mess with each other files.

Sign In or Register to comment.