Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


SFTP chroot on hosting environment with openssh
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

SFTP chroot on hosting environment with openssh

Hello Everyone,
I'm newbie in business, Just start my own web hosting service (with website package).
We uses Virtualmin as hosting control panel, and found any ssh user can access other user folder even root/system level folders.

The problem is now I'm removed sftp access for all user by removing subserver-sftp and user asking for sftp access. Is this possible to chroot sftp (like ftp) ?? Please help me.

Do you think SFTP is more secure then FTP
  1. Yes, SFTP is very Secure4 votes
    1. No. FTP is more secure
        0.00%
    2. Both are Same
      100.00%

Comments

  • We have precisely a storage solution working with a bunch of protocols.

    A solution we propose is to mount the storage space via sshfs, use MySecureShell, a sFTP server based upon OpenSSH than will allow you to 'chroot' your users so one cannot see the others' directories.

    Hope it can help ! :)

  • Thanks @sdes, I'm going to try this with my test server, As we uses mini server with 3gb physical RAM. I have to see the CPU and RAM uses. Hope it will work. :-)

  • FTPS with enforced SSL/TLS is an alternative. proftpd does it nicely along with chrooting users.

  • Just provide virtualmin ftp access to user as alternative. MySecureShell is GUI based service so It required more then 100mb RAM and CPU process on server.

  • internal-sftp supports chroot. And you already have it, since it's part of sshd

  • @marrco, can you provide me any tutorial link, how to enable chroot for sftp.. As i will use server for shared hosting, so its hard to maintain sftp permission manually.

  • @rohitpoint good luck with your web hosting business. Here's an old tutorial: http://www.howtoforge.com/restricting-users-to-sftp-plus-setting-up-chrooted-ssh-sftp-debian-squeeze
    and don't forget to learn how to use umask, per site open_basedir limits and basic php security if you don't want your user to mess with each other files.

Sign In or Register to comment.