How to disable ssh for virtual servers

#1 Fri, 06/06/2008 - 07:16
madwolf

Hello, I must be blind but I can't find the option anywhere. When I create a new virtual server the default user has Mail, FTP and SSH access. I want the user to have only FTP and Mail access, no SSH. Where do I change it in the server template? Or anywhere. I can't seem to find the option...

Fri, 06/06/2008 - 08:51
ronald

It has been said the /etc/shells file should have /bin/false on the first line so new users get that permission instead of /bin/sh.

However, after I did this users still get sh and I change that manually under Webmin's module Users and Groups.

I have never seen an option in the Server Template, but would also like to know how to restrict the new users as I don't usually give ssh to users.

Fri, 06/06/2008 - 08:56 (Reply to #2)
Joe

There is now a form for managing shells for all types of users. Look in System Customization:Custom Shells

We need to get that page better documented. It looks more intimidating than it actually is. ;-)


Fri, 06/06/2008 - 10:02 (Reply to #3)
ronald

Joe
I got no clue what to do in there and which domains it would affect.

..
However, by looking at that module again, I realized I could integrate my ticket system into Virtualmin, and the site where one can upgrade the package. hehe yay!

I created a category "support" but it would be nice to add custom links to existing categories, like in my case services.

Sun, 06/08/2008 - 04:19 (Reply to #4)
ronald

OK I found out how this works.

In the system customisation I have enabled
[img size=150]http://izihost.eu/downloads/shell.jpg[/img]

Now servers created have a default of /bin/false.
It would however still be preferred to have the option in the server template, as some plans might have shell where others might have only FTP.

Wed, 06/11/2008 - 11:42 (Reply to #5)
molski

I also faced this problem...and didn't find a way to solve it.
I also found the Custom Shells Page...it was the scariest page I found in Virtualmin (GPL) :D

This is what I did, I went to: SSH Server -> Access Control, at the option "Only allow users" I placed the name of a user account I created, so only that user was able to login.

As another security precaution I went to: SSH Server -> Authentication, at the option "Allow login by root?" I selected NO, so only the user I specified was able to login (but after I think of it, only the "Access Control" option should work also...).

After that I went to: SSH Server -> Networking, at the option "Listen on addresses" I added the IP Address I want the server to listen on, it's the same IP Address I use as a 'Management Network'.

When a user tries to login on my server(s) using SSH, it closes the connection after a few failed login attempts, but I cannot remember if that was a standard feature (CentOS v5.1) or something standard :D

Molski

Fri, 06/06/2008 - 09:28
madwolf

Yes, I've found the custom shells page before, but where do I select the type of access that newly created users will have by default? I think it should be somewhere in server template but it isn't.

Fri, 06/06/2008 - 09:37 (Reply to #7)
madwolf

And I can't edit my post here, "Oops! You've hit a bug in the forum software. It'll be fixed soon." :D:D:D

Anyway, I think it would be a good idea to place the option in server template -> default domain owner limits.

Now I have to change this after I create the virtual server, a bit tiresome ;-)

Tue, 08/16/2016 - 05:13
soydemadrid

I'm also looking at how to use the Custom Shells section. I'd like to disable ssh and ftp as default for virtual server users and keep it just for my admin/root user... Any ideas how to do this?

Tue, 08/16/2016 - 15:22
andreychek

Howdy,

In the Custom Shells screen, what you'd want to do is ensure that no user has "/bin/bash" or "/bin/sh" as a shell.

You'd only want /bin/false, or /dev/null. A user with /bin/false can log into FTP and email, a user with /dev/null can log into just email.

-Eric
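
The shell-to-access mapping from the answer above, applied as an audit of a passwd-format file. This is an added example, not part of the original thread or Virtualmin's own code; the function names, the sample accounts and the UID threshold of 1000 are assumptions.

```shell
#!/bin/sh
# Added example: report which accounts can still get an interactive shell.
# Assumption: virtual server users have UID >= 1000 (pass a second argument
# to change it; older CentOS releases start regular users at 500).

# Map a login shell to the access the thread says it grants.
classify_shell() {
    case "$1" in
        /bin/sh|/bin/bash) echo "ssh+ftp+mail" ;;
        /bin/false)        echo "ftp+mail" ;;
        /dev/null)         echo "mail-only" ;;
        *)                 echo "review" ;;   # shell not discussed in the thread
    esac
}

# Print "user access shell" for each account at or above MIN_UID.
audit_passwd() {
    min_uid=${2:-1000}
    while IFS=: read -r user _ uid _ _ _ shell; do
        case "$user" in ''|\#*) continue ;; esac        # skip blanks/comments
        case "$uid" in ''|*[!0-9]*) continue ;; esac    # skip malformed lines
        [ "$uid" -ge "$min_uid" ] || continue
        [ -n "$shell" ] || shell=/bin/sh                # empty field means /bin/sh
        printf '%s %s %s\n' "$user" "$(classify_shell "$shell")" "$shell"
    done < "$1"
}

# List only the accounts that still have a login shell.
shell_users() {
    audit_passwd "$1" "${2:-1000}" | awk '$2 == "ssh+ftp+mail" { print $1 }'
}

# Constructed sample data (not from a real server).
sample_passwd() {
    cat <<'EOF'
root:x:0:0:root:/root:/bin/bash
admin:x:1000:1000:Admin:/home/admin:/bin/bash
example:x:1001:1001:example.com:/home/example:/bin/false
info.example:x:1002:1001:Mailbox:/home/example/homes/info:/dev/null
shop:x:1003:1003:shop.test:/home/shop:/bin/sh
EOF
}

# Usage: sh audit.sh /etc/passwd [MIN_UID]
if [ $# -gt 0 ]; then audit_passwd "$@"; fi
```

Any account listed by `shell_users` other than the intended admin user is one whose shell should be changed to /bin/false or /dev/null.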
