Solved

disable scp and ftp over sssh for linux server

Posted on 2015-01-06
3
403 Views
Last Modified: 2015-03-16
Dear Experts:

We have provided the ssh access and root login details of our crm server which is running on redhat enterprise linux to the asterisk pbx implementer but we would like to restrict scp and ftp over the ssh , this is to protect the data going out from the crm server, as i have provided root login not sure we can acheive this , if required to provide new user I can create the one provide but please suggest how to achieve this, thanks
0
Comment
Question by:D_wathi
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 40

Assisted Solution

by:omarfarid
omarfarid earned 250 total points
ID: 40533156
Giving root access is enough to do any thing on the system.

You can add one account to the system and provide him / her priv. using sudo.

Please see below link on how to use sudo:

http://www.sudo.ws/sudoers.man.html
0
 
LVL 62

Expert Comment

by:gheist
ID: 40534002
root account is not restricted and it is not possible to restrict it. So you just gave out all your data and now got thinking ...
0
 
LVL 21

Accepted Solution

by:
tfewster earned 250 total points
ID: 40534185
You need to turn the problem around and decide what operations & privileges the PBX server should be allowed on the CRM server, then set up new userid(s) with appropriate sudo privilege escalation.

Possibly something like "useradd" with root permissions plus "su - dbuser create_new_db_user_script" if your PBX system was the master identity server.

Though it might be even better to have the CRM server as the master and grant ssh access to the PBX (High security to Low security system)
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

I have seen several blogs and forum entries elsewhere state that because NTFS volumes do not support linux ownership or permissions, they cannot be used for anonymous ftp upload through the vsftpd program.   IT can be done and here's how to get i…
Little introduction about CP: CP is a command on linux that use to copy files and folder from one location to another location. Example usage of CP as follow: cp /myfoder /pathto/destination/folder/ cp abc.tar.gz /pathto/destination/folder/ab…
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…
How to Install VMware Tools in Red Hat Enterprise Linux 6.4 (RHEL 6.4) Step-by-Step Tutorial
Suggested Courses

738 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question