I opened a domain in Plesk and wanted to give the user access to SFTP in order to secure the transfers through FTP.
When I chose “Shell access to server with user’s credentials /bin/bash”, I got a message that it is extremely dangerous to enable this feature and I should only enable it if I trust the user.
I am trying to understand how enabling SFTP to a user can be dangerous.
Thanks in advance!
Joel
Well, I have no clue about Plesk, but sftp uses ssh to tunnel the communication between client and server. Therefore, the user can access your server with ssh, and get a full-fledged shell to do nasty stuff. If you don’t pay attention he can read other users’ homes, or read your server’s configs.
Unless you chrooted the user, and took further care about hdd, cpu, mem, … limits, you should not allow access to your server to a potentially untrustworthy user via ssh.
To my knowledge, there is no way to allow sftp/scp without complete ssh access.
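
An added example, not part of the original posts: the chroot confinement mentioned in the reply corresponds to OpenSSH's `ChrootDirectory` and `ForceCommand internal-sftp` keywords in `sshd_config`, and the Python below checks whether a given account is confined that way. Both config samples are constructed; the user name `joel`, the path `/srv/sftp/%u` and the function names are assumptions, and only literal `Match User` lists are handled (no patterns or negation).

```python
# Added example: audit sshd_config text for SFTP-only confinement of one user.
# WEAK and HARDENED are constructed samples, not taken from a real server.
WEAK = """\
Subsystem sftp /usr/lib/openssh/sftp-server
# account keeps /bin/bash: SFTP works, but so does an interactive shell
"""

HARDENED = """\
Subsystem sftp internal-sftp
Match User joel
    ChrootDirectory /srv/sftp/%u
    ForceCommand internal-sftp
    AllowTcpForwarding no
    X11Forwarding no
"""

# Keywords that must be set for the user, with a check on the value.
REQUIRED = {
    "forcecommand": lambda v: v.split()[:1] == ["internal-sftp"],
    "chrootdirectory": lambda v: bool(v) and v.lower() != "none",
    "allowtcpforwarding": lambda v: v.lower() == "no",
}

def settings_for_user(config, user):
    """Collect keywords from 'Match User' blocks that name `user`.
    Among Match blocks the first value seen for a keyword is kept."""
    found, active = {}, False
    for raw in config.splitlines():
        line = raw.split("#", 1)[0].strip()   # simplification: drop comments
        if not line:
            continue
        parts = line.split(None, 1)
        key, value = parts[0].lower(), (parts[1].strip() if len(parts) > 1 else "")
        if key == "match":
            crit = value.split()
            active = (len(crit) == 2 and crit[0].lower() == "user"
                      and user in crit[1].split(","))
        elif active:
            found.setdefault(key, value)
    return found

def missing_restrictions(config, user):
    """Return the required keywords that are absent or wrongly set for `user`."""
    got = settings_for_user(config, user)
    return sorted(k for k, ok in REQUIRED.items() if k not in got or not ok(got[k]))

if __name__ == "__main__":
    for name, cfg in (("weak", WEAK), ("hardened", HARDENED)):
        print(name, missing_restrictions(cfg, "joel") or "sftp-only")
```

sshd refuses the chroot unless every component of the `ChrootDirectory` path is root-owned and not writable by any other user or group, so the upload directory has to be a subdirectory inside it.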