SSH Session closes Immediately with anything other than ROOT


Recommended Posts

I am attempting to set my system up to be more secure and I would like to enforce non-root ssh. As such as I have three users created and when I try to SSH with any of them, the session connects and immediately closes. 

 

After some reading it APPEARS this is because those users don't have more directories, but I can figure out how to assign a home directory in unraid. 

 

Maybe I'm going about this the wrong way, but google has not been terribly helpful. Thanks!

Link to comment

Unraid is not designed to use anything but root for console access. If you wish to force it to work with other users, it will be an uphill battle. Not impossible, but you will need to educate yourself on how unraid is set up so you can apply your modifications at every boot. Unraid is extracted into RAM and runs fresh each boot, so OS mods are not persistent by default.

Link to comment
17 minutes ago, eagle470 said:

this is concerning vulnerability to leave that door cracked....

 

Outside that could this impact FTP/SFTP users as well?

Yes. Unraid is not designed to be exposed to the internet directly, all access must come through an external firewall with only the bare needed ports exposed.

 

Do not expose any of the management interfaces or ssh or heaven forbid telnet ports. If you need management access remotely, set up a VPN.

Link to comment

this was actually pretty easy to figure out once I found the adduser/moduser commands.

 

I ran the following commands AFTER creating a user through the GUI:

 

#Create the home directory first (this needs to be somewhere other than "/home" for persistance, I will use Disk 1 (this is only available if the array is started

#Technically this is not required, but you don't really want to be dropped right into "/" upon logon, though this is what will happen if the array is not started.

mkdir /mnt/disk1/%USERNAME%

 

#Here we bind the user account to the home directory by specifying the location created in the last command and then the account name, this binding will persist across reboots, but the directory may not always be available.

usermod -d /mnt/disk1/%USERNAME% %USERNAME%

 

#Lastly we need to set a shell

usermod -s /bin/bash %USERNAME% 

 

*To make the shell persistent you need to go to /boot/config and edit the user account under the passwd file to reflect the correct shell

Edited by eagle470
Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.