Hi Guys!

Is there anyone who can tell me how to get a secure and locked down SFTP/SSH to user home directory.

I don't want to use FTP (ProFDPd), due to security reasons... every one tells me so anyway.

Started to use SFTP/SSH instead... an even BIGGER security problem because the whole server is open for everyone all the way down to / ohh yes, except for other user homes.

I find Scponly as an shell option, but I don't know how to configure and/or build the jail.

BTW, our box is a Fedora Core 6 and Virtualmin Pro.

Regards,
Leif

Hey Leif,

I'm curious why you feel this is a security issue? There shouldn't be any sensitive information anywhere except in /home, and those can now be locked down quite tightly.

If hiding the filesystem is a goal for you, then use ProFTPd, and enable the FTP over SSL/TLS features. That gives you chroot-like features, without the very real security problems caused by chroot-ing ssh.

When you chroot or "jail" SSH, you actually break a primary security mechanism in SSH (privilege separation). And, if ever a problem is introduced into your chroot environment, you'll have a root-level exploit on your hands.

It's because of these problems with chrooted SSH that we've opted not to offer it as an option. Technically, it isn't all that hard to setup--but the consequences of a problem are dramatic.

Hi Joe,

I actually don't think customers should be able to see, change, upload or download system files on the server! Don't you think it's a "security" issue have anyone in your system files and folders?

I'll will try the FTP over SSL/TLS.

Regards,
Leif

I actually don't think customers should be able to see, change, upload or download system files on the server!

Ah. Now we get to the heart of the matter. They can't do any of those things except see them. (Unless something is horribly amiss on your system.)

Is seeing them a problem?

Hi Joe,

All I have done is downloaded a bunch of files from a many different folders on the server, so you say that non of the files that you can download contains any sensitive information. And I actually don't know where to look that either... so I have to trust you on this(not so hard to do :-) ) and if the user cant do anyting with non of the files then I don't need to worry so much.

To get the users to stay in their homes would of course be preffered. But as log as they can't do anything with the files, or get some information out of them I think it's ok just seeing.

Regards,
Leif

Hey Leif,

Hehehe...Yeah, I guess it would seem shocking, if you haven't been using UNIX for a long time. But, you'll note that things that do contain sensitive information, like /etc/shadow, are completely inaccessible to your normal users. And, of course, if there's any other files you want to lock up, you certainly can--most things in /etc can be locked down a little tighter without actually breaking things. But they generally aren't particularly sensitive.

UNIX is historically a multi-user system, so it's really quite comfortable with people poking around in its innards (while still protecting against threats...like memory snooping for passwords).

Thanks Joe,

Feels good to know... And as I said, my concern was that some user could break things. Finaly I can put a lid on this! Thanks! :-)

Regards,
Leif