Answer the question
In order to leave comments, you need to log in
F
F
FedLab2013-10-10 11:34:59
FedLab, 2013-10-10 11:34:59
Is it safe to give clients access to sFTP
Hello. I am not strong in system administration (please do not kick hard).
There is a server (centos 6.5 + vesta control panel - standard ftp-server).
For each client, a separate user is made, in it and, accordingly, their sites. Access (chrootdirectory) is limited for these users to the /home directory or the user's folder -% h (in ssh_config).
Is it smart/safe to give the client access to sftp, respectively, and access to ssh is obtained?
Or is it better to return the FTP client and give access to it only? They only need access to files (maybe they will).
3 answer(s)
@Nastradamus
@foxmuldercp
@kenny_opennix
N
Nastradamus, 2013-10-10 @Nastradamus
Please note that there are many ways to get out of these chroots if you give a shell to such users.
If the shell is /bin/false, then everything should be fine.
N
Nikolai Turnaviotov, 2013-10-10 @foxmuldercp
there is a post for you in the topic, for example habrahabr.ru/post/89473/
K
kenny_opennix, 2013-10-10 @kenny_opennix
It is not safe, in general, to give access to the console, it is fraught with incomprehensible people, an example from life, I came to one of the providers of the big three (more precisely, a daughter). , I noticed that rman stopped working, I start checking, and oh my God, the oracle user account was hacked, moreover, they compiled and launched the software from him, I start asking those who installed it, it turned out that the user was given access via ssh + the password was not secure.
For me, the fewer people have access to the console, the calmer.
Similar questions
N
Nikolay Romanov2018-04-04 14:50:15
How to block a site from everyone except 1 region of Russia?
3Reply
S
A
A
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question