hosted by liquidweb


Go Back   Web Hosting Talk : Web Hosting Main Forums : Web Hosting : Allowing clients to ssh into servers
Reply

Forum Jump

Allowing clients to ssh into servers

Reply Post New Thread In Web Hosting Subscription
 
Send news tip View All Posts Thread Tools Search this Thread Display Modes
  #1  
Old 08-21-2002, 03:30 PM
SithLord SithLord is offline
New Member
 
Join Date: Aug 2002
Location: Ohio
Posts: 1
*

Allowing clients to ssh into servers


Greetings,

I work for an ISP as a Systems Administrator. We don't as a rule
allow clients to telnet nor ssh into our Cobalt RaQ Servers. The security is not the main concern as we are well protected. The main issue is with clients who don't know linux that well and the recovery of sites that we have to do if they mess up.

Do you think as an ISP we should allow clients to ssh in as a rule of thumb?

SithLord



Sponsored Links
  #2  
Old 08-21-2002, 03:35 PM
dreamrae.com dreamrae.com is offline
Web Hosting Master
 
Join Date: Aug 2002
Location: Baltimore, Maryland
Posts: 580
um, yes but be very careful..

  #3  
Old 08-21-2002, 03:38 PM
okihost okihost is offline
Web Host :)
 
Join Date: Jan 2002
Location: Boston
Posts: 5,005
we do not allow it by default but if we have spoken to the customer a few times and they seem to know what there doing we do allow it.. I would suggest just not allowing it as default..

__________________
OKIHost Internet - Offering quality shared, reseller and dedicated hosting solutions since 2002
AIM: OKISupport Phone: (888)-OKIHOST Helpdesk: OKIHost Support
EZMove to us today! Just ask me how.

Sponsored Links
  #4  
Old 08-21-2002, 03:40 PM
archie2 archie2 is offline
Junior Guru
 
Join Date: Aug 2002
Location: deville
Posts: 214
I manage all my clients websites through ftp, theres no need for SSH for most people.

  #5  
Old 08-21-2002, 03:44 PM
bwb bwb is offline
Nerf Herder
 
Join Date: May 2002
Location: Internet
Posts: 1,523
I was going to allow ssh but decided there was really no need for it especially with great utilities like PHPMyAdmin and so on. On a case by case basis if they request it I will approve it but otherwise not.

__________________
CEO at Site5.com, 50,000+ clients and working to improve every day.
Read 3,500+ Reviews of Site5 From Verified Customers On Shopper Approved

  #6  
Old 08-21-2002, 03:45 PM
kreativ kreativ is offline
Junior Guru
 
Join Date: Mar 2002
Posts: 232
I wouldn't go with any host that didn't allow me SSH, although I might actually prefer a host that allowed SSH but didn't give it out by default.

  #7  
Old 08-21-2002, 03:51 PM
archie2 archie2 is offline
Junior Guru
 
Join Date: Aug 2002
Location: deville
Posts: 214
How do people use SSH? I have used telnet before but never tried SSH

  #8  
Old 08-21-2002, 04:00 PM
Andrew Andrew is offline
Web Hosting Master
 
Join Date: Jul 2002
Posts: 3,729
Quote:
Originally posted by archie2
How do people use SSH? I have used telnet before but never tried SSH
To use SSH from a windows box, there's a nice little utility called Putty. SSH is far more secure than telnet, as with telnet your username/password are transmitted in plain text.

  #9  
Old 08-21-2002, 04:21 PM
Deb Deb is offline
WHT Forum Royalty
 
Join Date: Jun 2000
Location: Orlando FL USA
Posts: 1,316
Quote:
The main issue is with clients who don't know linux that well and the recovery of sites that we have to do if they mess up.

Do you think as an ISP we should allow clients to ssh in as a rule of thumb?
As a client I would require SSH to be available from my host and this is why we do offer and recommend offering it. As long as you are staying on top of security issues it's nice to allow your clients to do the same. With that said, I also do not see anything wrong with being sure to add the note of "You break it you buy it". If the client messes up their account then it wouldn't be too much to ask for them to pay a fee for you having to fix it...especially if the problem is repetitive... That's a simple accountability issue. It's nice to be nice, but for those who just can't resist pushing buttons blindly the fee helps...

__________________
FutureQuest.net
Quality Services & Professional Support Since 1998
Click Here To Visit the Community

  #10  
Old 08-21-2002, 04:24 PM
dreamrae.com dreamrae.com is offline
Web Hosting Master
 
Join Date: Aug 2002
Location: Baltimore, Maryland
Posts: 580
i just like have a remote server i can always login into from anywhere in the world, store some files if i need to , pick them up from somewhere else. like everyone else said before, you shouldnt say anything about it unless they ask you. also remember to look out for weird processes and connections..

  #11  
Old 08-21-2002, 04:39 PM
ForumsAddict ForumsAddict is offline
Web Hosting Master
 
Join Date: Aug 2002
Posts: 1,612
Allowing SSH ot Telnet can be (may be) as dangerous some times as telling ppl "Come Hack My Server" lol

  #12  
Old 08-21-2002, 06:13 PM
JayC JayC is offline
Web Hosting Master
 
Join Date: Aug 2000
Location: NYC
Posts: 6,627
Quote:
Originally posted by Deb
a simple accountability issue. It's nice to be nice, but for those who just can't resist pushing buttons blindly the fee helps...
Good point, but... people who blindly push buttons they don't understand will have no trouble screwing their accounts up with ftp, or any kind of control panel file manager, or whatever tool you do put in front of them.

How many hosts haven't had clients delete their own "htdocs" or "www" directory?

Disallowing Telnet/SSH doesn't really eliminate the problem, just as it doesn't mean you no longer have to worry about security!

__________________
Specializing in SEO and PPC management.

  #13  
Old 08-21-2002, 06:20 PM
Alan - Vox Alan - Vox is offline
Web Hosting Master
 
Join Date: Nov 2000
Location: Dundee, UK
Posts: 1,366
If you are woried about people messing up their site and wasting your time restoring backups, then charge for restoring the sites.

  #14  
Old 08-21-2002, 09:20 PM
Maximiliam Maximiliam is offline
Web Hosting Evangelist
 
Join Date: May 2002
Location: Sweden
Posts: 526
I would be very careful allowing even ssh access to your servers. Even though you authenticate the users, get their drivers license etc. It can still be hacked.

What if the user use a really stupid password? Thats so easy to crack?

It would be wise if you did decide on allowing ssh, to add their ip range to the server and deny everyone elses. It would make it way more secure.

__________________
I like to help

  #15  
Old 08-21-2002, 09:54 PM
wakkow wakkow is offline
WHT Addict
 
Join Date: Aug 2002
Location: Davis, CA
Posts: 169
How insecure is SSH that so many of you are so hesitant to allow users to use it? Of course the bit about people screwing their sites over.. But how insecure is it when it comes to hax0rs?

Reply

Related posts from TheWhir.com
Title Type Date Posted


Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes
Postbit Selector

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Forum Jump
Login:
Log in with your username and password
Username:
Password:



Forgot Password?
Advertisement:
Web Hosting News:



 

X

Welcome to WebHostingTalk.com

Create your username to jump into the discussion!

WebHostingTalk.com is the largest, most influentual web hosting community on the Internet. Join us by filling in the form below.


(4 digit year)

Already a member?