Re: Seeing who is logged in through ftp and ssh

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Justin Zygmont wrote:
If you have root jailed users by configuring the ftpaccess file, but have ssh installed, all they have to do is sftp in and go wherever they want. It's a relief to know that at least they can't grab the shadow file too.
I just found a quck way to disable this however, in the /etc/ssh/sshd_config comment out the line: Subsystem sftp /usr/libexec/openssh....

Ok, you've got me confused. I did not think the ftpaccess file had anything to do with sftp. My ftpaccess file is the default, and it does not allow root ftp access. Yet, I can sftp to another machine as root.

Yes, a non-root user can go anywhere they want. But try this:

(as a non-root user):

sftp some_host_name
sftp> cd /var/log
sftp> get messages





--
Psyche-list mailing list
Psyche-list@redhat.com
https://listman.redhat.com/mailman/listinfo/psyche-list
[Index of Archives]     [Fedora General Discussion]     [Red Hat General Discussion]     [Centos]     [Kernel]     [Red Hat Install]     [Red Hat Watch]     [Red Hat Development]     [Red Hat 9]     [Gimp]     [Yosemite News]

  Powered by Linux