SSH as User

  • Hallo,


    I wanted to connect to my OMV NAS as user with sftp. But I get "permission denied" it works only as root. But as root I get the whole system / read/write. That is risky. So I put the user in the group ssh and connect worked, but I was very surprised that I still had root permission as user! So I stopped root login. Now it works. But:
    If I dont stop root login I get root privileges as user that should not be!
    Why is this? Is it a bug or am I overlooking something?


    Thanks


    Alex

    • Offizieller Beitrag

    I highly doubt you had root permissions as a user. How are you determining this?

    omv 7.0.4-2 sandworm | 64 bit | 6.5 proxmox kernel

    plugins :: omvextrasorg 7.0 | kvm 7.0.10 | compose 7.1.2 | k8s 7.0-6 | cputemp 7.0 | mergerfs 7.0.3


    omv-extras.org plugins source code and issue tracker - github


    Please try ctrl-shift-R and read this before posting a question.

    Please put your OMV system details in your signature.
    Please don't PM for support... Too many PMs!

  • I think you are mistaking being able to wander all over the file system as a non-root user with actual full root privileges.


    As a non-root user, connect via sftp and try downloading the following file:


    /etc/shadow


    If you can download (read) that file as a non-root user, something is seriously wrong.


    If a non-root user needs sftp access only, you may want to consider setting up a chroot environment for that user to restrict them to a "home" folder, and disable shell access.

    --
    Google is your friend and Bob's your uncle!


    OMV AMD64 7.x on headless Chenbro NR12000 1U 1x 8m Quad Core E3-1220 3.1GHz 32GB ECC RAM.

Jetzt mitmachen!

Sie haben noch kein Benutzerkonto auf unserer Seite? Registrieren Sie sich kostenlos und nehmen Sie an unserer Community teil!