Paper Lantern for cPanel accounts is being retired this year. Find out more »
cPanel & WHM Version 102 has been released, and brings a slew of great updates. Take a look at what is included, and then upgrade today!
This object is in archive! 

Ability to disable SFTP

Nathan Lierbo shared this idea 9 years ago
Open Discussion

Call for Comments

The ability for cPanel users, when logging in via SFTP, to browse above their directory is both undesired and unnecessary in contemporary cPanel&WHM hosting environments. To get around this, we should implement a chrooted environment.

Being mindful of the many servers still running CentOS 5, we cannot implement the chrooting abilities specific to CentOS/RHEL 6. However, we may be able to do this by using ProFTPd for SFTP as it has supported chrooting for a very long time and has already established a record of being compatible with cPanel&WHM environments.

Note, ProFTPd does not natively accommodate OpenSSH keys, often used on SSH. However, as documented on ProFTPD module mod_sftp these keys can be converted to a format compatible with ProFTPd. This is an understood limitation and is considered something that could be accommodated later as most SFTP users currently just use username/password authentication.

Original thread:

Leave a Comment
Attach a file