
Comments
The platform is managed by 20i including SSH access.
When a user first connects it advises do not use sudo or leave your home directory, that is a simple and clear warning, if you attempt to do so it is clear to anyone there will be some type of security that will kick in in some way.
This edited reply. here
Let's break this down
You connect to SSH and read the warning do not use sudo
You use sudo after reading that warning and also the thread here about another user who used sudo
You state "And I still want to find what kind of operation are forbidden in this service"
You had read about not using sudo in your own SSH terminal, you use it and it becomes blocked.
You contact us about the block, we ask a few simple questions regarding the intended use, the reply is vague and evasive.
At the time of these vague replies, you also post "I still want to find what kind of operation are forbidden in this service" which combined with a vague reply and the replies advising the policy that works fine for hundreds of our users and thousands of 20i customers because you cannot follow the simple rule of do not use sudo.
As all businesses have the right to decide who they do and do not provide services to, your activity and general manner raised a number of red flags and it was decided the red flags outnumber the positives of providing a service to you, this decided we took a backup of your account, provided this in the ticket reply and issued a refund right away to allow you to move on to a provider that can provide the service you need without the need to waste your time by becoming blocked over and over again as you have stated yourself "find what kind of operation are forbidden in this service"
We have provided the information and will not provide you further responses of back and forth which is just going to be a waste of everyone involved's time.
We hope you are able to find a provider that can meet your needs going forward.
@xhosts don't read what I am writing here. It's a clear warning!
You guys are unreasonable!!!
I had said several times! You mix me and @letstayfree!
I never post things like "And I still want to find what kind of operation are forbidden in this service". Did you see my reply or not!
You guys just make up things and not admit you acknowledge the wrong person!
What type of security is that? Why ask a user not to leave their home directory instead of relying on standard security features like file permissions, namespaces, etc?
Or to put it another way - has the security of that SSH access been independently audited by a trusted third party?
I have just ordered a webhosting package from xhosts and will investigate what is going on. It smells of “security methods” that could be fatal.
? He's reviewing the host. It is forbidden to criticize a host now?
Guys I just want to clarify that I am interested in xhost and would like to try as I thought they would like to work like serv00.com: which allows ssh and no root access webhosting and provides 3 ports for users. So I asked in their selling thread about if they support ssh and how many ports would be open.
Just the words in the screenshot: no sudo or leave home dir. I am also curious about what will happen if a sudo is executed. Then banned, so I opened a ticket to ask them why. They told me not to use sudo, then I tried a VPN script that works on serv00 (no need for root). After that I found no ports open so I stopped the script running and quit.
After that I thought it's just a simple webhosting and two days later when I logged on I found my web app on their host was blocked! No warning and no mails at all. I just eat the apple that killed me?
No matter which side you’re on, I get it. There are both hosting providers and regular users here, and everyone has their own perspective and background. I just want to say—I’m not trying to do anything bad. As an IT enthusiast, I just like exploring different things in my own way. What I thought is that it should be a warning instead of an unnotified termination. sudo is not criminal
interesting post. let me help OP point out, because it seems he didn't remember what he typed.
this is you and this is your post, right?
I don't know why this is so hard to understand, @Chellii
If you didn't get a refund, you'd have a valid complaint.
But you got or are getting a refund, so just...
Perhaps you're morally right. Even so...
Maybe the host is in the wrong. Even so, you should...
In conclusion:
Their cheapest web hosting plan is 2 euros/month. That's pretty expensive for a basic 10GB web LET hosting plan. So he's in his right to be frustrated.
Service the customer bought, our one time fee hosting package on LET not a monthly fee package
Lol I've to admit I would get curious too! If I remember correctly I did try sudo with either HostBrr or Netdynamics, but they just returned some errors.
In my opinion this is a better warning banner
Please do not use 'sudo' or leave your home directory, or you will get BANNED
block sudo and give username.
I mean I'd probably have typed sudo too, it's an odd message.
Mind you, ban whoever you want, he got a refund who cares, but people are gonna take the bait when you dangle it.
Out of curiosity (!), I've just tried to execute sudo on a very inexpensive shared hosting plan that I have (at a different provider):
Now I'm suddenly worried that the provider will kick me out!
I'll try a few shared hosting accounts that I use.
I'll inform if any of them bans me.
My guess they won't but let's see.
Leave your home directory? With all due respect, while you were well within your rights to cancel/refund the user, this does not inspire any confidence in the 20i platform's security. If I want to use /tmp for a moment, does that mean my access gets immediately disabled?
You state this is a limitation of 20i -- fine. But remember, you also made a conscious decision to use their systems. I hope you are confident in their practices and the platform as a whole.
Edit -- I see @cmeerw got to the issue first. Feel free to ignore.
Can you try find / or try reading /dev/sda1 (or whatever the disk file path is)?
got banned already!
What if your tmp is in home directory and you never leave it? Bind, chroot whatever :-D
Bind, chroot? sounds like a BAN to me
lol, how much did the experiment cost? were you able to run any command before the ban?
More importantly, is the /tmp shared between all users?
No need. The standard sudo checks to see if you have permission to run the command you're attempting to run (it's actually very configurable, e.g. on one server I have permission to sudo rndc reload <domain> but nothing else).
If you don't have permission, a message is sent to syslog, where it's trivial to pick it up by a user tool. Because syslog messages can be sent to another host, it'd even be easy to monitor an entire cluster of hosts for this.
Not for sudo.
The warning about changing directory seems a bit more aggressive, and hard to do in practice, but if they meant "don't access things outside your directory" they could enforce that (and again log to syslog) using AppArmor.
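The syslog-based detection described in the post above, as an added example that is not part of the original thread or of any provider's tooling: a Python parser that picks sudo denial records out of syslog text collected from several hosts and counts them per host and user. The log lines are constructed samples in sudo's classic syslog format; the hostnames, users and function names are assumptions.

```python
import re
from collections import Counter

# Constructed sample: syslog lines from two hosts, as a central collector might hold.
SAMPLE_LOG = """\
Mar  3 10:15:42 web01 sudo:    alice : user NOT in sudoers ; TTY=pts/0 ; PWD=/home/alice ; USER=root ; COMMAND=/usr/bin/id
Mar  3 10:16:02 web01 sudo:      bob : TTY=pts/1 ; PWD=/home/bob ; USER=root ; COMMAND=/usr/sbin/rndc reload example.org
Mar  3 10:17:30 web02 sudo[4121]:      bob : command not allowed ; TTY=pts/1 ; PWD=/home/bob ; USER=root ; COMMAND=/usr/sbin/rndc flush
Mar  3 10:18:11 web02 sshd[4100]: Accepted publickey for carol from 192.0.2.10 port 50522 ssh2
Mar  3 10:19:05 web01 sudo:    alice : user NOT in sudoers ; TTY=pts/0 ; PWD=/tmp ; USER=root ; COMMAND=/bin/ls /root
"""

# timestamp, host, "sudo" with optional [pid], invoking user, then the record body
LINE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ [\d:]{8}) (?P<host>\S+) sudo(?:\[\d+\])?:\s+"
    r"(?P<user>\S+) : (?P<rest>.*)$"
)
# Reasons sudo logs when it refuses a request
DENIALS = ("user NOT in sudoers", "command not allowed", "user NOT authorized on host")

def parse_denials(log_text):
    """Return one dict per refused sudo attempt; permitted commands are skipped."""
    events = []
    for line in log_text.splitlines():
        m = LINE.match(line)
        if not m:
            continue  # not a sudo record (e.g. sshd)
        # COMMAND is the last field and may itself contain " ; ", so cut it off first
        head, _, command = m["rest"].partition(" ; COMMAND=")
        parts = [p.strip() for p in head.split(" ; ")]
        if parts[0] not in DENIALS:
            continue  # a permitted command starts with TTY=..., not a reason
        fields = dict(p.split("=", 1) for p in parts[1:] if "=" in p)
        events.append({"time": m["ts"], "host": m["host"], "user": m["user"],
                       "reason": parts[0], "pwd": fields.get("PWD"),
                       "command": command})
    return events

def denials_by_user(events):
    """Count refused attempts per (host, user) across the whole cluster."""
    return Counter((e["host"], e["user"]) for e in events)

if __name__ == "__main__":
    found = parse_denials(SAMPLE_LOG)
    for e in found:
        print(e["time"], e["host"], e["user"], e["reason"], e["command"])
    print(dict(denials_by_user(found)))
```

The permitted `rndc reload` by bob is ignored while his refused `rndc flush` is reported, which is the per-command distinction the post describes.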
Heh?
This 20i platform sucks big!
Which other provider uses this pile of garbage?
Since the provider hasn't yet kicked me out (!), I decided to try to enter /tmp and to create a file there!
Now I'm really playing with fire and surely deserve to be kicked out!
We have been selling 20i shared hosting since 2017 and had only a handful of issues although selling a number of monthly accounts in that time which covers the costs to allow us to provide these one time fee deals from time to time.
The only time there appears to be issues would be when people attempt to be smart and test how far they are able to push a standard account before something happens.
As most people would know standard SSH access on a shared platform is for such things as importing database, debug/test cron, edit or move files around standard directories.
20i works differently to the likes of cPanel/Directadmin, the best suggestion no matter the provider, if you are unsure ask a question to get the information you need before either ordering or attempting what you intend to do, asking the question can avoid most issues.
As proven here there are always a few who attempt to take things to the extreme in cases rather than make contact or feel they have the right to dictate how a provider implements their rules and policies.
I have asked a lot of these questions directly to 20i to get some clear cut information
This is the response so far
To lay some groundwork, SSH on our shared hosting platform (which Reseller utilises) is intended for managing the files and database via common file operations, the MySQL CLI, and other applications such as WP CLI or Composer.
The reason sudo is blocked rather than ignored is because on a simple level, this is the more secure option - it allows us time to investigate any potential threats or malicious use, such as ticket XXXXXXXXXXXX mentioned earlier in which your user was banned previously. As a secondary effect, it does force a ticket for it to be unblocked, meaning that we can go over the rules pertaining to sudo being a disallowed command on the shared hosting platform.
If a user does require using such commands, Self-Managed VPS' are a better option, since they're wholly managed by the user themselves and can run these types of command without a block.
I have confirmed with a colleague that writing to /tmp is allowed, and can be done without leaving the home directory, but it is monitored for security purposes in the same vein as other commands being run - again, such as the commands used in the case of ticket XXXXXXXXXXXX.
I've set this ticket to be reopened for tomorrow as per my colleague Marc's suggestion as well - we'll let you know ASAP once we have word back.
I have redacted ticket/case numbers for security of the clients in question.
So the user can read files in /tmp created by other users?