KpyM Telnet/SSH Server - Forum
Restricted server
Ian Murphy Restricted server
 
I know these subjects have been brought up in many posts and forms but I thought I'd put one request in covering them all.

I've been trying, unsuccessfully, to set up kpym as a restricted sftp server. Restricted in that I want to publish it on the internet and only have a few accounts work and when I say work, I mean I want them to upload/download to/from certain closed off directories.... and nothing else.

As far as I can tell this not possible. so I'd like to request:

1) that the root directory actually be the root directory from an sftpd perspective. If I say its x:\sftp then the user cannot change to x:\, or c:\ or anything else

2) that the init script be executed in the user context and not the context of the account running the service which is what I does at the moment.

3) the init script should execute first, then the user directory be mapped. This would allow mapping of a network drive which could then be the root - restricting the incoming connections completely. I'd like to set the root to, say, x:\, but to map x: as \\server\%username%$ in the init script.

4) a config option to disable/enable functions explicitly - like telnet, ssh, whatever. This is for peace of mind so that we know users have no way of initiating something we don't want them to do. Think of the case of setting up an sftp server.

5) add an allowed user group option - which could cover option 4. If you could change the group name allowed to connect to each service type then it would give quite a lot of control. No group, no access. Not a member of the group, no accesss.


Kroum Grigorov
 
for securing folders have a look at these:
http://www.kpym.com/phpbb/viewtopic.php?t=208
http://www.kpym.com/phpbb/viewtopic.php?t=374
http://www.kpym.com/phpbb/viewtopic.php?t=415
http://www.kpym.com/phpbb/viewtopic.php?t=476
http://www.kpym.com/phpbb/viewtopic.php?t=254

for securing access to subsystems:
http://www.kpym.com/phpbb/viewtopic.php?t=457
http://www.kpym.com/phpbb/viewtopic.php?t=408
http://www.kpym.com/phpbb/viewtopic.php?t=372
http://www.kpym.com/phpbb/viewtopic.php?t=366
http://www.kpym.com/phpbb/viewtopic.php?t=424
http://www.kpym.com/phpbb/viewtopic.php?t=422


kroum


 

© 2007 - 2008 Kroum Grigorov
Powered by phpBB © 2001, 2005 phpBB Group