Find the answer to your Linux question:
Results 1 to 2 of 2
I have sshd setup on my server and I have run into a small dillema. I have apache virtual hosts setup for the various domains. Each domain has it's own ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    Feb 2006
    Posts
    4

    Securing sshd


    I have sshd setup on my server and I have run into a small dillema. I have apache virtual hosts setup for the various domains. Each domain has it's own home directory and a user of the same name as the directory. If 2 users, for example x and y both had their files which they wanted to keep private, my server fails badly. Write access is disabled on eachothers dirs, but they can still read eachothers files with nano.

    I tried chowning the dirs to the relevant users and chmoding them to 0700. This works perfectly for ssh, but apache then gives the access forbidden message.

    Anyone got any ideas as to how I can still give apache access to the files and still give the relevant owners access to their home dir, but without giving other ssh users access.

    Any help would be appreciated.

    ~ihth~

  2. #2
    Super Moderator Roxoff's Avatar
    Join Date
    Aug 2005
    Location
    Nottingham, England
    Posts
    3,916
    Make sure that the apache user (apache, or httpd or whoever it is on your system) is listed in the /etc/group file as a member of each users groups, and make sure that different users are not listed in each others groups. Then you can restrict access for non-group members (i.e. exclude other users) but allow group access (including apache in this case) to read the files, e.g.

    Code:
    drwxr-x---   fred     fred    4096   ....  fred
    and in /etc/group:

    Code:
    fred:x:500:apache
    Linux user #126863 - see http://linuxcounter.net/

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •