Issue SSH access: how can we block display websites list

[Erwan]

Hello,

We have for example 50 customer suscriptions.
When they use the SSH access, they can only execute their files in /var/www/vhosts/mydomain.com but they can see list of domain with:

#ls -l ../

Example:
mydomain.com
otherdomain.com
otherdomain2.com
...

This poses a commercial problem.

Is it possible not to go to /var/www/vhosts, only to /var/www/vhosts/mydomain.com?
Can we block the display of the list of websites?

Thank you.

 

[Erwan]

Igor?

 

[Bitpalast]

In the "chrooted SSH" access, it is not possible to list directory contents above the user's login path. If your subscription users are able to see beyond their own web space, you are not using the chrooted environment. This enables users to read and modify other files on the server, too. Change your subscription settings to "chrooted SSH only".

 

[Erwan]

Thank you Peter.

Ok but i can only select "/bin/bash (chrooted)"?
I can not select "/bin/sh"?

 

[Bitpalast]

Yes, only "/bin/bash (chrooted)", else your users can access all of the server.

 

[Erwan]

Ok. I use always /bin/sh.
With "/bin/bash (chrooted)", i can not use for example "php", "mysql"... command?

I have always:
bash: php: command not found

We must give SSH acces for Capistrano and PHP Symphony...

 

[Bitpalast]

Maybe these website should consider to use a virtual private server with root access and only a single account on them. You cannot have both, root access and protection against root access.