Features  Scripting SSH Access
SSH Access
 SSH access allows clients to take advantage of easy maintenance of their sites in a LINUX shell. Clients are able to roam through their sites, change permissions, move files, delete files, and debug scripts. Compiling programs or manipulation of MySQL databases is also possible (depending on your hosting plan). SSH is a replacement for the insecure telnet and with tools such as Putty it becomes just as easy to use your shell account as you used to with the old telnet.
Available Shells
Shells are programs (that are not part of the operating system kernel) that allow you to run programs through the command line and see their output. There are different types of shells available to our customers.
Jailed Shell
cPanel's jailed shell came from service providers' desire to establish a clean cut separation between the various services and customers, mainly for security and ease of administration reasons. Instead of adding a new layer of fine-grained configuration options, the solution adopted was to compartmentalize the system, both its files and its resources, in such a way that only the right person(s) are allowed access to the right compartment(s).
Bourne-Again Shell (bash)
The folks from the Free Software Foundation created an exceedingly souped-up version of the so called Bourne shell with automated command completion and plenty of additional functionality. Linux systems typically choose Bash as the "basic" shell used by default. This is by far the most popular shell used by our customers.
Korn shell (ksh)
Korn shell (ksh) written by David Korn, of Bell Labs, is available on virtually any Unix-like system sold in the 1990's and beyond.
It's a reasonable platform for both interactive system control as well as shell script programming, providing far superior functionality to the Bourne Shell. In many cases, it is quite a bit faster, too.
Z Shell (zsh)
Zsh is basically an extended bourne shell with a large number of improvements, including some of the most useful features of bash, ksh, and tcsh.
|
Recent news from comp.security.ssh
-
Re: Ubuntu/Debian vulnerability impact?
I permit ssh-ing in (using hosts.allow) only from a single
solaris box admin'ed by an old colleague, a NetBSD box admin'ed
by a BoFH and a half, and another Debian box admin'ed by a former
Debian project lead. So you either need to break both host_access
and ssh, or break into two separate boxes.
I've always been a login-as-luser, su/sudo for root access, kind
-
Re: Ubuntu/Debian vulnerability impact?
I have the ssh port open at all times.
I permit root logon only by authorized_keys, and several other logons
explicitly, but by default all other usernames are blocked.
-
Re: Ubuntu/Debian vulnerability impact?
Yup, on one briefly mis-configured machine, I was actually opening
the port to them, and could see that they were doing a dictionary
attack on both passwords and account names. (I heard the server
writing logs constantly, and noticed sshd PIDs steadily increase,
so shut the door pretty soon.)
Phil
-
Re: SSH login with other user's keys
Below is the excerpt I am getting.
debug1: Trying RSA authentication with key
'/home/mdmbuild/.ssh/vault-ide ntity'
debug1: Remote: Your host 'hostname.com' is not
permitted to use this key for login.
debug1: Server refused our key.
-
SSH login with other user's keys
I have an account called mdmbuild on my machine that does not have a
password. It's a headless account. I have ssh public and private keys
for the account. The public keys are already there on the machine I
want to log on to.
But the problem is the remote machine is not accepting my private keys
as they were generated on a different machine.
|
|
HOSTING PLANS
4GB, Mailing Lists, SSH, 3 Domains
More | Order
|
