JanC | that depends on your configuration | 00:03 |
---|---|---|
rfm | lunatiq, what people used to do was set the shell for the ftp-only users to nologin so they couldn't log in (via ssh or any other way.) | 00:08 |
lunatiq | rfm can I just add AllowUsers root | 00:13 |
lunatiq | to etc/ssh/sshd_config | 00:13 |
JanC | some FTP servers can use virtual users also | 00:19 |
JanC | so then you don't need them to be system users | 00:19 |
JanC | allowing root to login directly is usually not a good idea | 00:20 |
lunatiq | JanC but would that limit it to just root? | 00:21 |
JanC | also, SSH can deny users based on what group they are (not) in and such | 00:21 |
lunatiq | That's my question | 00:21 |
lunatiq | or should I use AllowGroups root | 00:23 |
JanC | better limit it to the non-root user who's an admin (who has sudo rights to become root) | 00:23 |
lunatiq | I don't want to do that. | 00:24 |
JanC | ? | 00:24 |
lunatiq | I'm asking a question. | 00:24 |
lunatiq | can I just add AllowUsers root | 00:24 |
lunatiq | or should I use AllowGroups root | 00:24 |
JanC | it should work, yes, but that would require PermitRootLogin to be enabled too (preferably with prohibit-password & using using keys to authenticate) | 00:28 |
lunatiq | JanC which would be better? AllowUsers or AllowGroups ? | 00:31 |
JanC | better would be to use neither with root IMO | 00:31 |
alkisg | lunatiq: https://termbin.com/dmpw | 06:49 |
alkisg | This is how to define groups for sftp access, in a chroot, without giving ssh access | 06:49 |
lunatiq | when I SFTP it seems to use /usr/lib/openssh/sftp-server | 06:56 |
lunatiq | can I install vsFTP too? | 06:57 |
lunatiq | Yep I have to | 07:03 |
lunatiq | can you have multiple local_root with vsFTP | 07:07 |
lunatiq | I guess that would be stupid | 07:13 |
lunatiq | :s | 07:13 |
=== justReddy is now known as justache | ||
PeGaSuS | help! somehow I've messed up my server netplan config. kimsufi set me in rescue mode but now I have no idea what to do to fix netplan or anything else that might be needed | 11:51 |
PeGaSuS | I've already done `mount /dev/sda3 /mnt/ | 11:52 |
PeGaSuS | and chroot /mnt/ | 11:53 |
PeGaSuS | meh.. decided to reinstall the whole thing | 12:27 |
athos | postgresql-common migrated (now pointing to 15. I will follow-up with final rebuilds and pg-14 removal request from lunar soon. | 13:57 |
athos | Cc sergiodj | 13:57 |
samba35 | i am on ubuntu server with kvm running 3 guest 1 guest is firewall and another guest is linux/windows how do configure guest linux to get ip address from firewall/dhcp server | 14:44 |
samba35 | how 1 virtual guest talk to other virtual guest | 14:50 |
sergiodj | athos: thanks | 15:54 |
=== ahasenack_ is now known as ahasenack |
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!