Removal of SSH (Continuation from other thread)

**Buddha** · 04-10-2004, 12:18 PM

All those that reply to this thread if you could tell to us:

How many people you've given SSH access to?
Reason for granting access?
Weather or not you can provide proof of their identity?

I think that would be interesting.

As for myself, I've not granted SSH access to anyone because my customers are not computer experts and I don't trust them. I do however know where most of them live since they're mostly locals.

**openbox** · 04-10-2004, 01:06 PM

1. The only person with shell access for accounts I'm responsible for, it myself.

2. N/A

3. N/A

I personally hope that Andrew does NOT remove shell access for his resellers.

**reviewum.com** · 04-10-2004, 01:16 PM

1) 99.9% of my accounts are my websites, so by default I give SSH access to all of them. The few that are not "my" accounts are accounts I've given to VERY close friends.
2) The biggest reason... to install gallery,run TOP commands, and move honkin' big files accross the FAT internet speed pipe!
3) I know where they live <punching fist into hand while speaking>

Loss of SSH would really stink... It's not that I use it that often, but when my last host got rid of it I realized that when I do use it... it saves me a TON of time!

I thought this is why the whole "jailed shell" was developed... to protect us. Isn't there some kind of jailed shell that keeps us safe, but also gives users 80% of the important features of shell?

There has GOT to be a way for Andrew and his staff to determine who gets it and who doesn't (based on lenght of time with Dathorn, usage, etc.etc.etc.). If someone abuses those privileges... they are yanked!

**Eric** · 04-10-2004, 02:31 PM

I manage 90% of my client's accounts personally and I give SSH access to each so that I can administer them easily. Only one of my clients has access to their site's SSH and they have a very static site (and mostly use Frontpage to update it when they do).

If I lose SSH I'll leave Dathorn. I came here because another host removed it. Like reviewum said, I also am wondering if jailshell is not meeting the needs?

I hate to move all my clients again, but I refuse to host where I can't have a shell. I'm an old-school person who edits with 'vi', etc. and SSH was a requirement when I was shopping and found Dathorn. IMHO, it's a big knee-jerk response to kill all users' access if a few are abusing their privileges.

Eric

**Jonathan** · 04-10-2004, 02:46 PM

1) No one so far; only the 'Gold' plan as it featured.
2) Its an addition "enhencement" to the Gold Plan I offer.
3) Yes; requires said customer(s) to email/mail me a photocopy of proof of indentiy (i.e., ID/drivers license).

I use Shell some what, and I admit
its lost wouldn't hurt me personally, but I've
had some people ask me about hosting, and told
me up front they wanted SSH, because they use it extensively.

**AndrewT** · 04-10-2004, 02:55 PM

I'm just going to address a few issues.

Jailed SSH does nothing more than keep users from browsing through files on other accounts.

Yes, there are only a few that abuse this access but by the time the abuse is done the mass amount of problems have already been created. On one particular occasion it was by the account owner himself that decided to go and run various exploits which eventually resulted in one being succesfull. It took a great deal of time to track down most of what had been done but it was taken to such a large extent that we could never be sure that everything was removed. This is part of the reason why cpanel12 has been having problems and is the first one being upgraded here. cpanel12 was one of these servers that was hurt by this and a clean RedHat install here will restore some faith in it.

Don't get me wrong, I understand that SSH access is a necessity for some, that's why it's still an option in the first place. Otherwise I would have removed it entirely without even thinking twice about it. For the time being at least, removing SSH access is not an option that we are going to take.

**openbox** · 04-10-2004, 03:04 PM

Thanks Andrew.

And for those posting about cPanel's jail shell...it's not a "real" jail. I real jail can be built to such an extent that the user can't do anything outside of the shell root. Of course, this greatly limits what can and can't be done and I'm sure that it would break cPanel. IMO, there's a fine line between a real jail and a VPS-type configuration.

**alterego** · 04-10-2004, 04:14 PM

The reason I just moved all my remaining domains from here to a dedicated server was the fact you would even consider disabling SSH access for resellers. So, from my perspective, it did make a difference that you even posted the possibility of removing ssh access. Not willing to wait and see, I decided it was time to be proactive and ensure I could keep the level of access I require for productive hosting. I suppose you could say I cast my vote with my pocketbook.

**Buddha** · 04-10-2004, 05:12 PM

Originally posted by AndrewT

Don't get me wrong, I understand that SSH access is a necessity for some, that's why it's still an option in the first place. Otherwise I would have removed it entirely without even thinking twice about it. For the time being at least, removing SSH access is not an option that we are going to take.

Thank you!

I have other hosting accounts without SSH access but I sure like knowing it's there in an emergency.

**Nitron** · 04-10-2004, 10:58 PM

Thanks for not removing it, I depend on it for backing up and restoring large DB's.

**Klaassh** · 04-10-2004, 11:53 PM

Personally. I have only had to use it the once for scripting. but I do use it reguarly for MySQL purposes.
It is only enabled on my personal accounts. the couple of business sites I have, have no use for it so far.

**www** · 04-11-2004, 12:39 AM

The reason I moved here to Dathorn in the first place was because of SSH. Most of my customers are fully managed by me and only I have the passwords. I need SSH for backup, quick tweaking and checking top.

If it is going to be disabled please give us plenty of warning since I will have to go through a LOT of work moving everyone elsewhere. Since I have accounts on more than one server, this could take me some serious time.

**reviewum.com** · 04-11-2004, 01:10 AM

I'd be surprised if Andrew were to just drop the bomb one day and say "SSH has been disabled on all accounts!".

I woule expect / hope that he would give us ample warning!

**LVZ** · 04-11-2004, 05:08 AM

Without SSH, I would also move to another host. I primarily use SSH via WinSCP but I still frequently 'vi' files directly.

Removal of SSH (Continuation from other thread)

Removal of SSH (Continuation from other thread)

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment