Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I'm running RedHat 7.2. This is a ftp server. (proftpd)
I try to chroot my users on the server....
When the users connect with ftp there is no problems. They are chroot into home folder.
But if the users log directly on the server (with ssh or localy) (Normally they are not suppose to do that, but one day someone will try.... ) they can access everything..... (like a normal user)
Someone know what I have to do to chroot the users also on the server????
Maybe this part of "Securing and Optimizing Linux" (ok, its the RH ed., but that doesn't matter here) may help you understand why you shouldn't offer real shells to chroot ftp server users.
Guess you gotta be more verbose than saying "I followed this and it didn't work".
If user logged in with ftp, look at your ftp/chroot configs, if by ssh, theres a way to chroot users but that only works with key auth, not passwd, and btw, are ssh and ftp user accounts different like it says in the howto? And did you read the whole ftp chapter?
Better post the steps you took to set up the chrooted users (also watch permissions/users) and post (the necessary parts of) your configs.
What else do I need to do? As I said earlier "myuser" can get in ok, but he can navigate outside his directory. How can I check to verify the permissions are what they need to be and trap him in that the respectable directory?
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.