Configuring Fedora Core 4 and Webhost anager for SFTP

Posted on 2006-05-03
Last Modified: 2008-01-09
Here's my situation.

I am running Fedora Core 4 with Webhost Manager and cPanel to manage my sites.  I am able to SFTP and SSH into the sites, but SFTP allows me to change directory up to /and then down into /bin, /usr, and other system directories.  I would like to be able to SFTP/SSH into the server and the individual sites, but I would like to restrict access to the /home/username directory for each account.  Ideally, the only user that would be allowed SFTP would be me on my own user account.  Is there a way to accomplish this using ProFTPd and the Fedora/Webhost Manager setup?

Also, I would like to restrict shell access to most accounts.  Currently, if I use jailshell, the users can log in and get up to / and then into the system directories, although they are prevented from acessing the files.  If I use noshell, this also disables ftp.

Ideally, a normal user would have regular ftp access, no sftp or shell (SSH), and my user would have SFTP and SSH.  Any way to do this?

Question by:alanpollenz
    LVL 15

    Expert Comment

    On most WHM/cPanel setups I've seen SFTP is handled by sshd, not ProFTPd. There is a way to do what you want, it's not that straightforward though:

    Author Comment

    Actually, that explains how to set up an SFTP/SSH only account in a jail environment.  What I want to do is disable SFTP/SSH for most users.
    LVL 15

    Accepted Solution

    Set their default shell to /sbin/nologin by editing /etc/passwd. Sorry, I don't know how to do this through WHM.

    Author Comment

    Thanks.  That did the trick.


    Featured Post

    Do You Know the 4 Main Threat Actor Types?

    Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

    Join & Write a Comment

    ​Being a Managed Services Provider (MSP) has presented you  with challenges in the past— and by meeting those challenges you’ve reaped the rewards of success.  In 2014, challenges and rewards remain; but as the Internet and business environment evol…
    BIND is the most widely used Name Server. A Name Server is the one that translates a site name to it's IP address. There is a new bug in BIND (, affecting all versions of BIND 9 from BIND 9.1.0 (inclusive) thro…
    In this sixth video of the Xpdf series, we discuss and demonstrate the PDFtoPNG utility, which converts a multi-page PDF file to separate color, grayscale, or monochrome PNG files, creating one PNG file for each page in the PDF. It does this via a c…
    Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

    729 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    18 Experts available now in Live!

    Get 1:1 Help Now