cagefs, ssh
Announcement
Collapse
No announcement yet.
cagefs and some questions
Collapse
X
-
Hi there,
Im looking to have cagefs on my severs for current jailshell users and i have some questions.
Although i see there are a instructions to install in a specific cpanel server, looks like there isnt any plugin or graphical way to active per user as it have currently for jailshell or shell in WHM.
Should i proceed to first disable all the shell/jailshell at cpanel and then enable cagefs for the desired users?
What happen if by error once cagefs is enabled in a user i go ahead and enable cpanel jailshell for that same user, this will somehow create a conflict?
IS there any eta for a non-beta version?
Thanx in advance!
-
I have a few questions as well
1) I recently went through some hoops to get rssh setup so that i can provide users scp access. so does this actually allow someone to ssh or scp into the server if active without having ssh enabled? I read the docs but really am still unclear.
2) does it only create 1 set of extra binaries (unlike jailshell which creates a new set for every user)?
thanks
Comment
-
1. You would still need to enable SSH for the user -- like you would regularly do it. It just that would not see anyone on the server but themselves, and their ability to do any damage (or to discover any info they shouldn be able to discover) highly diminished.
2. Yes, one set of binaries for all.
3. Wait for CageFS 3.0 -- should be coming out tomorrow... or I will start firing my developers
Comment
-
1. CageFS covers shell, cron jobs and web sessions. Enabling cagefs for the user will make sure that if user executes anything via any of this 3 vectors, it will be caged.
2.You should disable JailShell when using CageFS (as cagefs provides similar infrastructure + more).
3. If user has shell enabled, his shell session will be caged (as long as he has CageFS enabled), if shell is disabled -- he will not have shell access.
Comment
-
Thanx Igor...to clarify, in my case i only provide Jailshell to users so in this case i have to disable jailshell, then enabled Shell and then enable cagefs? Or simply disabling jailshell and enabling cagefs it will automatically enable shell too in cpanel?
Or i have to go to enable shell and then enable cagefs for those users?
Thanx again!
Comment
-
Thanx Igor...to clarify, in my case i only provide Jailshell to users so in this case i have to disable jailshell, then enabled Shell and then enable cagefs? Or simply disabling jailshell and enabling cagefs it will automatically enable shell too in cpanel?
Or i have to go to enable shell and then enable cagefs for those users?
Thanx again!
Comment
Comment