Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I have a shared Linux servers for hosting websites. I require one shell script to check SSH access is enabled or disabled for all the websites. Please help for this.
This Linux server is use for shared hosting where near about already 250 websites are hosted. Now, I need to check which website having a feature SSH Access is enabled or Disabled via one shell script.
Hey Shane,
So essentially you're saying that there are 250 different websites hosted on this virtual server. That'll mean that there are 250 different IP's?? Right?? You want to check which of these 250 IP's has Ssh enabled..Right??
If you have legitimate access to all these IP's and all of them are running normal Ssh on Linux you might want to use Nmap to scan if port 22 is open on all your 250 IP's. If it is then ssh is probably running.
Did I understand you correctly?
Cheers
Arvind
p.s.... This is on the assumption that virtual hosts behave in exactly the same way as normal hosts. If they dont then I may be wrong.
I believe OP is referring to a shared hosting environment. In such an environment it is not uncommon for SSH to be enabled/disabled for the particular domain/user combination based upon a configuration that the server maintains for that particular domain.
A script to check the status on a per-domain basis for all domains is trivial so long as the script author has root access and has detailed knowledge of how the configuration files are constructed and where they are kept.
Lacking that information, it won't be possible to answer the question.
Hello,
I have a shared Linux servers for hosting websites. I require one shell script to check SSH access is enabled or disabled for all the websites.
...
As server is shared; no one can access their site with IP address only. They can access it via Pre DNS URL like as under:
As far as i understand this, you have a shared hosting Linux server, i.e. where many websites are bound to single IP (apache virtual hosts), and therefore websites can not be accessed by IP address, only by domain name or by http://205.23.52.152/~USARNAME/ (if apache mod_userdir is enabled).
This is a common and wide-used practice for shared hosting companies.
Now concerning to your ssh question:
websites and ssh access are two different things, and have nothing to each other.
You have 'shane' unix user, so you have to check if it is allowed to connect via ssh.
In most cases, if there are no restrictions set in /etc/ssh/sshd_config (AllowUsers, AllowGroups directives), user is allowed to connect via ssh if it has a shell.
Code:
AllowGroups
This keyword can be followed by a list of group name patterns, separated by spaces. If specified, login is
allowed only for users whose primary group or supplementary group list matches one of the patterns. ‘*’
and ‘?’ can be used as wildcards in the patterns. Only group names are valid; a numerical group ID is not
recognized. By default, login is allowed for all groups.
AllowTcpForwarding
Specifies whether TCP forwarding is permitted. The default is “yes”. Note that disabling TCP forwarding
does not improve security unless users are also denied shell access, as they can always install their own
forwarders.
AllowUsers
This keyword can be followed by a list of user name patterns, separated by spaces. If specified, login is
allowed only for user names that match one of the patterns. ‘*’ and ‘?’ can be used as wildcards in the
patterns. Only user names are valid; a numerical user ID is not recognized. By default, login is allowed
for all users. If the pattern takes the form USER@HOST then USER and HOST are separately checked,
restricting logins to particular users from particular hosts.
Thats a decent explanation by fooks..Shane. With regards to the script since all you need to check is 1 IP now ..for ssh access I guess you wouldnt need a script at all. You could just do an ssh an find out .
BTW if you would want to find out which user would have ssh access you'd first need to set the AllowUsers parameter as fooks has mentioned below.
Once thats done you'd need to write a quick script which does:
1.Open the sshd_config file and grab all the users under AllowUsers
2.Match this list against the user list in /etc/passwd
3.Wherever theres a match you know that that user has SSH access.
4.If theres no match that user doesnt have SSH access.
Clear enough? You could use Perl or even write a simple shell script to do this.Its not too complicated.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.