| JanC | that depends on your configuration | 00:03 |
|---|---|---|
| rfm | lunatiq, what people used to do was set the shell for the ftp-only users to nologin so they couldn't log in (via ssh or any other way.) | 00:08 |
| lunatiq | rfm can I just add AllowUsers root | 00:13 |
| lunatiq | to etc/ssh/sshd_config | 00:13 |
| JanC | some FTP servers can use virtual users also | 00:19 |
| JanC | so then you don't need them to be system users | 00:19 |
| JanC | allowing root to login directly is usually not a good idea | 00:20 |
| lunatiq | JanC but would that limit it to just root? | 00:21 |
| JanC | also, SSH can deny users based on what group they are (not) in and such | 00:21 |
| lunatiq | That's my question | 00:21 |
| lunatiq | or should I use AllowGroups root | 00:23 |
| JanC | better limit it to the non-root user who's an admin (who has sudo rights to become root) | 00:23 |
| lunatiq | I don't want to do that. | 00:24 |
| JanC | ? | 00:24 |
| lunatiq | I'm asking a question. | 00:24 |
| lunatiq | can I just add AllowUsers root | 00:24 |
| lunatiq | or should I use AllowGroups root | 00:24 |
| JanC | it should work, yes, but that would require PermitRootLogin to be enabled too (preferably with prohibit-password & using using keys to authenticate) | 00:28 |
| lunatiq | JanC which would be better? AllowUsers or AllowGroups ? | 00:31 |
| JanC | better would be to use neither with root IMO | 00:31 |
| alkisg | lunatiq: https://termbin.com/dmpw | 06:49 |
| alkisg | This is how to define groups for sftp access, in a chroot, without giving ssh access | 06:49 |
| lunatiq | when I SFTP it seems to use /usr/lib/openssh/sftp-server | 06:56 |
| lunatiq | can I install vsFTP too? | 06:57 |
| lunatiq | Yep I have to | 07:03 |
| lunatiq | can you have multiple local_root with vsFTP | 07:07 |
| lunatiq | I guess that would be stupid | 07:13 |
| lunatiq | :s | 07:13 |
| === justReddy is now known as justache | ||
| PeGaSuS | help! somehow I've messed up my server netplan config. kimsufi set me in rescue mode but now I have no idea what to do to fix netplan or anything else that might be needed | 11:51 |
| PeGaSuS | I've already done `mount /dev/sda3 /mnt/ | 11:52 |
| PeGaSuS | and chroot /mnt/ | 11:53 |
| PeGaSuS | meh.. decided to reinstall the whole thing | 12:27 |
| athos | postgresql-common migrated (now pointing to 15. I will follow-up with final rebuilds and pg-14 removal request from lunar soon. | 13:57 |
| athos | Cc sergiodj | 13:57 |
| samba35 | i am on ubuntu server with kvm running 3 guest 1 guest is firewall and another guest is linux/windows how do configure guest linux to get ip address from firewall/dhcp server | 14:44 |
| samba35 | how 1 virtual guest talk to other virtual guest | 14:50 |
| sergiodj | athos: thanks | 15:54 |
| === ahasenack_ is now known as ahasenack | ||
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!