{"id":608,"date":"2016-09-21T11:54:37","date_gmt":"2016-09-21T15:54:37","guid":{"rendered":"http:\/\/easy-admin.ca\/?p=608"},"modified":"2016-09-28T21:01:05","modified_gmt":"2016-09-29T01:01:05","slug":"centos-prevent-root-browsing-with-sftp","status":"publish","type":"post","link":"https:\/\/easy-admin.ca\/index.php\/2016\/09\/21\/centos-prevent-root-browsing-with-sftp\/","title":{"rendered":"Prevent new user to browse your CentOS server using sFTP"},"content":{"rendered":"

Good day!<\/strong> <\/em>I run into a problem yesterday that allowed a new created account to navigate my entire CentOS server when connecting using sFTP protocol<\/strong>. Here is the step by step guide to fix this major problem in CentOS\/Webmin\/VirtualMIN.<\/p>\n

    \n
      \n
    1. Create a new account in VirtualMIN \/ Ex. mynewwebsite.com
      \n<\/strong>After you created the new account you will have to set things up so that when this new account user connect to your sFTP (I use proFTPD) they will not be able to navigate your entire server.<\/li>\n<\/ol>\n<\/ol>\n

      NOTE:<\/strong> You will have to create a new UserGroup : sftpusers<\/p>\n

      In webmin, navigate to this section \/Others\/File Manager\/ Once you are there select the new created account<\/p>\n

      \/home\/mynewwebsite<\/strong><\/p>\n

      You will have to do 3 more steps
      \n<\/strong><\/span><\/h4>\n
        \n
      1. CHOWN the new created directory to ROOT
        \nNOTE :<\/strong> Do not use recursive!<\/li>\n
      2. You have to set now the directory permissions to 0755<\/li>\n
      3. Run this command in Shell # usermod -G sftpusers USERNAME<\/strong><\/li>\n<\/ol>\n

        \"proftpd-root-01\"<\/a><\/p>\n

        NOTE :<\/strong> This will add your new created account to the sFTPusers group!<\/p>\n

        After this your new created account will only have permission to navigate into the directory \/home\/mynewwebsite\/ when connecting with sFTP<\/strong>.<\/p>\n

        Enjoy!<\/em><\/strong><\/p>\n","protected":false},"excerpt":{"rendered":"

        Good day! I run into a problem yesterday that allowed a new created account to navigate my entire CentOS server when connecting using sFTP protocol. Here is the step by step guide to fix this major problem in CentOS\/Webmin\/VirtualMIN. Create a new account in VirtualMIN \/ Ex. mynewwebsite.com After you created the new account you … Continue reading Prevent new user to browse your CentOS server using sFTP<\/span><\/a><\/p>\n","protected":false},"author":2,"featured_media":609,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-608","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-general"],"_links":{"self":[{"href":"https:\/\/easy-admin.ca\/index.php\/wp-json\/wp\/v2\/posts\/608","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/easy-admin.ca\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/easy-admin.ca\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/easy-admin.ca\/index.php\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/easy-admin.ca\/index.php\/wp-json\/wp\/v2\/comments?post=608"}],"version-history":[{"count":0,"href":"https:\/\/easy-admin.ca\/index.php\/wp-json\/wp\/v2\/posts\/608\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/easy-admin.ca\/index.php\/wp-json\/wp\/v2\/media\/609"}],"wp:attachment":[{"href":"https:\/\/easy-admin.ca\/index.php\/wp-json\/wp\/v2\/media?parent=608"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/easy-admin.ca\/index.php\/wp-json\/wp\/v2\/categories?post=608"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/easy-admin.ca\/index.php\/wp-json\/wp\/v2\/tags?post=608"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}