Improve company productivity with a Business Account.Sign Up

x
?
Solved

disable scp and ftp over sssh for linux server

Posted on 2015-01-06
3
Medium Priority
?
456 Views
Last Modified: 2015-03-16
Dear Experts:

We have provided the ssh access and root login details of our crm server which is running on redhat enterprise linux to the asterisk pbx implementer but we would like to restrict scp and ftp over the ssh , this is to protect the data going out from the crm server, as i have provided root login not sure we can acheive this , if required to provide new user I can create the one provide but please suggest how to achieve this, thanks
0
Comment
Question by:D_wathi
3 Comments
 
LVL 40

Assisted Solution

by:omarfarid
omarfarid earned 1000 total points
ID: 40533156
Giving root access is enough to do any thing on the system.

You can add one account to the system and provide him / her priv. using sudo.

Please see below link on how to use sudo:

http://www.sudo.ws/sudoers.man.html
0
 
LVL 62

Expert Comment

by:gheist
ID: 40534002
root account is not restricted and it is not possible to restrict it. So you just gave out all your data and now got thinking ...
0
 
LVL 21

Accepted Solution

by:
tfewster earned 1000 total points
ID: 40534185
You need to turn the problem around and decide what operations & privileges the PBX server should be allowed on the CRM server, then set up new userid(s) with appropriate sudo privilege escalation.

Possibly something like "useradd" with root permissions plus "su - dbuser create_new_db_user_script" if your PBX system was the master identity server.

Though it might be even better to have the CRM server as the master and grant ssh access to the PBX (High security to Low security system)
0

Featured Post

NEW Internet Security Report Now Available!

WatchGuard’s Threat Lab is a group of dedicated threat researchers committed to helping you stay ahead of the bad guys by providing in-depth analysis of the top security threats to your network.  Check out this quarters report on the threats that shook the industry in Q4 2017.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Fine Tune your automatic Updates for Ubuntu / Debian
This article will show you step-by-step instructions to build your own NTP CentOS server.  The network diagram shows the best practice to setup the NTP server farm for redundancy.  This article also serves as your NTP server documentation.
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

595 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question