Our forum Area

Page 1 of 6 1 2 ... LastLast
Results 1 to 15 of 87

This is a discussion on Merged: Shell access/ Jailed in the Website Management forum
Ah crap. One of the main reasons I joined JagPC again was because they had mySQL commands enabled in Shell, and I could back up ...

  1. #1
    O_o CeleronXL's Avatar
    Join Date
    Dec 2001
    Posts
    566

    Shell Removal

    Ah crap. One of the main reasons I joined JagPC again was because they had mySQL commands enabled in Shell, and I could back up my databases. Now it's diabled.

    It says that it's disabled until they find out who was the one exploiting it. However, if it's disabled, how would you know?

    This is an idea that many other hosts use. Can those of us who really need shell access send in driver's licenses and perhaps some other forms of identification and then be allowed access? SSH does have it's potential dangers, and many hosts force you to send in this kind of ID to ensure that you are who you say you are so if you exploit anything, they can find you.

    How about it?
    "Before you critisize someone, walk a mile in their shoes. That way, when you critisize them, you're a mile away and you have their shoes."
    My Site: StarCraft Sector | My vB Forums: Forum Sector
    E-Mail: celeronxl@cox.net | AIM: CeleronXL | ICQ: 118648739 | MSNM: celeronxl@hotmail.com | YIM: celeronxl

  2. #2
    Like a star... Julian Muņoz's Avatar
    Join Date
    Oct 2002
    Location
    Colombia
    Posts
    1,368
    Umm.... disabled mysql commands? I'm going to have a hard time trying to backup my forums database, with over 100MB of data Let me check with my server.
    Julian D. Muņoz - LANeros.com

  3. #3
    Like a star... Julian Muņoz's Avatar
    Join Date
    Oct 2002
    Location
    Colombia
    Posts
    1,368
    I just tried the mysql command and it looks to be working just fine, so i guess it's not disabled on my server...

    If you really need the mysql commands, you could ask for a server move to another one with mysql commands...
    Last edited by Julian Muņoz; 04-02-2003 at 12:24 PM.
    Julian D. Muņoz - LANeros.com

  4. #4
    Loyal Client
    Join Date
    Sep 2001
    Posts
    85
    I believe that the reference is, however, to the ability to back up *onto the server* and then FTP the file, rather than going through phpMyAdmin or whatever.

    Without SSH, that is, I believe, impossible. As is any secure connection to email or FTP--not something many people use, granted, but something many more *should* use.

    If it's not back by the 30th, I'm switching hosts. I'm tired of all this. When I signed up, it was for an account with SSH. Pulling my SSH access with no warning is stupid. It appears to be less a matter of unauthorized access than of authorized accounts running scripts or whatever that are causing trouble--and that could be easily fixed by suspending the accounts of people who do that.

    Turning off access for everybody is just laziness--it doesn't allow them to actually get rid of the people who *would* abuse such things, so it barely punishes the offenders, and yet it also punishes everybody who ever used their account for something legitimate.

  5. #5
    Rogue Developer
    Join Date
    Oct 2002
    Posts
    191
    They've got my credit card number and my money. If that's not good enough for them to provide the services I was guaranteed, I'll make sure the door doesn't hit my posterior on the way out.

    And I agree -- having no warning smacks of laziness and is rather inconsiderate of their paying customers. I understand they've got their fair share of headaches at the moment, but that's no reason to risk alienating customers. I've got a few perl scripts that I have to run manually early every week. It's a good thing I ran them yesterday, but what am I to do next week? Is there a way to execute arbitrary perl scripts from cpanel?

  6. #6
    O_o CeleronXL's Avatar
    Join Date
    Dec 2001
    Posts
    566
    How could you possibly run MySQL commands in SSH without access?

    I mean commands like `mysqldump` and `mysqlcheck` in SSH.
    "Before you critisize someone, walk a mile in their shoes. That way, when you critisize them, you're a mile away and you have their shoes."
    My Site: StarCraft Sector | My vB Forums: Forum Sector
    E-Mail: celeronxl@cox.net | AIM: CeleronXL | ICQ: 118648739 | MSNM: celeronxl@hotmail.com | YIM: celeronxl

  7. #7
    bvh
    bvh is offline
    Loyal Client
    Join Date
    Aug 2002
    Posts
    5
    They say: "we've been hit with a stream of abusive users taking advantage of shell."

    I say: "Warn those users and if they are still at it, kick them out!". You don't need a "policy" for that, it's plain common sense..

    I read my mail on that server through mutt and edit my site with Vim.. how am I suppost to do it now?

    FTP ? POP3 ? .. that's not why I joined Aletia/Jaguar...

  8. #8
    QA Manager JPC-Greg's Avatar
    Join Date
    Sep 1998
    Posts
    5,446
    Originally posted by Prone

    And I agree -- having no warning smacks of laziness and is rather inconsiderate of their paying customers. I understand they've got their fair share of headaches at the moment, but that's no reason to risk alienating customers. I've got a few perl scripts that I have to run manually early every week. It's a good thing I ran them yesterday, but what am I to do next week? Is there a way to execute arbitrary perl scripts from cpanel?
    Sorry, but its not like we got a fair warning of the impending issues that caused us to make this decision.

    Not to worry, its just a temp thing guys and gals.
    Greg Landis | Founder
    JaguarPC | World leader in webhosting since 1998.
    How are we doing? Tell us at QA@jaguarpc.com.

    Need a Manager?

    (pm) | (email) Les, Chief Operations Officer
    (pm) | (email) Larry, Customer Service Manager

  9. #9
    QA Manager JPC-Greg's Avatar
    Join Date
    Sep 1998
    Posts
    5,446
    Originally posted by CeleronXL
    How could you possibly run MySQL commands in SSH without access?

    I mean commands like `mysqldump` and `mysqlcheck` in SSH.
    You can do those tasks from phpmyadmin .
    Greg Landis | Founder
    JaguarPC | World leader in webhosting since 1998.
    How are we doing? Tell us at QA@jaguarpc.com.

    Need a Manager?

    (pm) | (email) Les, Chief Operations Officer
    (pm) | (email) Larry, Customer Service Manager

  10. #10
    Like a star... Julian Muņoz's Avatar
    Join Date
    Oct 2002
    Location
    Colombia
    Posts
    1,368
    Greg.. It's impossible to dump a 100MB database to the disk using PHPmyadmin...

    Think about modem users (just like me), it'd be impossible to backup our sites without shell access.
    Julian D. Muņoz - LANeros.com

  11. #11
    the Windlord Gwaihir's Avatar
    Join Date
    Jun 2002
    Posts
    2,567

    Will shell access be switched back on automatically?

    Title says all: will it be switched back on for those who had it, or does everyone have to request it again indiviudally?
    Regards,

    Wim Heemskerk
    ---
    Visit MeCCG.net - Cardgaming in J.R.R. Tolkien's Middle-earth
    And Gwaihir.net - The Middle-earth CCG store

  12. #12
    Like a star... Julian Muņoz's Avatar
    Join Date
    Oct 2002
    Location
    Colombia
    Posts
    1,368
    I had shell access enabled on my server and I didn't noticed they deactivated it. I just noticed some commands are now restricted, like 'top' and 'w'... But commands like mysqldump and mysql are working for me...

    If you had shell access and it's not working now, you can request it to them.
    Julian D. Muņoz - LANeros.com

  13. #13
    the Windlord Gwaihir's Avatar
    Join Date
    Jun 2002
    Posts
    2,567
    Mine has not yet been reactivated. I don't urgently need it right now, so I'll try again in a day or two, when things have quieted down again. I'll drop in a ticket then if it's not up.
    Regards,

    Wim Heemskerk
    ---
    Visit MeCCG.net - Cardgaming in J.R.R. Tolkien's Middle-earth
    And Gwaihir.net - The Middle-earth CCG store

  14. #14
    QA Manager JPC-Greg's Avatar
    Join Date
    Sep 1998
    Posts
    5,446
    Many, in fact most were reactivated. If you need it please just open a ticket and let us know. thanks
    Greg Landis | Founder
    JaguarPC | World leader in webhosting since 1998.
    How are we doing? Tell us at QA@jaguarpc.com.

    Need a Manager?

    (pm) | (email) Les, Chief Operations Officer
    (pm) | (email) Larry, Customer Service Manager

  15. #15
    Rogue Developer
    Join Date
    Oct 2002
    Posts
    191
    I tried submitting a ticket to get shell access back, but I got a response:

    We are doing security maintenance upgrades on all servers due to the sudden surge in cyber terrorism .We would be enabling it only towards the weekend.Please bear with us for this temporary inconvenience.
    The bug I wanted to squash managed to fix itself somehow so I suppose it's not too urgent. But does that mean I'm one of the suspects?

Page 1 of 6 1 2 ... LastLast

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •