Solved

disable scp and ftp over sssh for linux server

Posted on 2015-01-06
3
398 Views
Last Modified: 2015-03-16
Dear Experts:

We have provided the ssh access and root login details of our crm server which is running on redhat enterprise linux to the asterisk pbx implementer but we would like to restrict scp and ftp over the ssh , this is to protect the data going out from the crm server, as i have provided root login not sure we can acheive this , if required to provide new user I can create the one provide but please suggest how to achieve this, thanks
0
Comment
Question by:D_wathi
3 Comments
 
LVL 40

Assisted Solution

by:omarfarid
omarfarid earned 250 total points
ID: 40533156
Giving root access is enough to do any thing on the system.

You can add one account to the system and provide him / her priv. using sudo.

Please see below link on how to use sudo:

http://www.sudo.ws/sudoers.man.html
0
 
LVL 62

Expert Comment

by:gheist
ID: 40534002
root account is not restricted and it is not possible to restrict it. So you just gave out all your data and now got thinking ...
0
 
LVL 21

Accepted Solution

by:
tfewster earned 250 total points
ID: 40534185
You need to turn the problem around and decide what operations & privileges the PBX server should be allowed on the CRM server, then set up new userid(s) with appropriate sudo privilege escalation.

Possibly something like "useradd" with root permissions plus "su - dbuser create_new_db_user_script" if your PBX system was the master identity server.

Though it might be even better to have the CRM server as the master and grant ssh access to the PBX (High security to Low security system)
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
SonarQube on Linux vs Windows 3 71
maybe no no httpd.conf 6 77
Redhat upgrade 1 47
Certificate Request CentOS/Apache 1 18
I. Introduction There's an interesting discussion going on now in an Experts Exchange Group — Attachments with no extension (http://www.experts-exchange.com/discussions/210281/Attachments-with-no-extension.html). This reminded me of questions tha…
It’s 2016. Password authentication should be dead — or at least close to dying. But, unfortunately, it has not traversed Quagga stage yet. Using password authentication is like laundering hotel guest linens with a washboard — it’s Passé.
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.
How to Install VMware Tools in Red Hat Enterprise Linux 6.4 (RHEL 6.4) Step-by-Step Tutorial

713 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question