What's new
By:
Panelica Community Forum

Welcome to the official Panelica Community Forum — the central hub for server administrators, developers, and hosting professionals. Register a free account today to access technical discussions, product announcements, feature requests, and direct support from the Panelica team. Be part of the growing community shaping the future of server management.

SSH & Remote Access — Terminal, Keys, and Chroot

Status
Not open for further replies.
admin

admin

Administrator
Staff member
SSH & Remote Access — Terminal, Keys, and Chroot​

Panelica provides secure remote access with SSH management, web-based terminal, SSH key management, and chroot jail isolation.

Web Terminal​

Browser-based SSH terminal using web-based terminal:

  • No client software needed — Access the terminal directly from your browser
  • Full terminal emulation — Colors, cursor movement, tab completion, command history
  • Copy/paste support — Standard clipboard operations
  • Resizable — Terminal adjusts to browser window size
  • real-time connection — Low-latency, real-time terminal interaction
  • Session management — Track active terminal sessions

SSH User Management​

Control SSH access per user:

  • Enable/Disable SSH — Toggle SSH access per user account
  • Two access modes:
    • SFTP-only (sshjailed) — File transfer only, no shell access
    • Full shell (sshfull) — Bash access within a chroot jail
  • Password authentication — Standard password-based login
  • Key authentication — SSH key-based login (recommended)

SSH Key Management​

  • Upload public keys — Add authorized_keys entries from the panel
  • Multiple keys — Support for multiple SSH keys per user
  • Key removal — Remove individual keys
  • Key fingerprint — View key fingerprints for identification

Chroot Jail​

SSH users are isolated in a secure chroot environment:

  • Isolated filesystem — Users can only see their own home directory
  • Minimal binaries — Only essential commands available (bash, ls, cat, cp, mv, etc.)
  • Bind mounts — System libraries mounted read-only inside the jail
  • No cross-user access — Users cannot see other users processes or files
  • PHP access — PHP CLI available inside the jail via allowed-cmds wrapper

Cgroup Integration​

SSH sessions are automatically placed under the users cgroup slice:

  • CPU and RAM limits apply to all SSH commands
  • Process count limits prevent fork bombs
  • I/O throttling for disk-intensive operations
  • SSH cgroup watcher assigns sessions automatically on login

Security Features​

  • Fail2ban — Automatic IP blocking after failed login attempts
  • Rate limiting — Connection rate limits per IP
  • Audit logging — All SSH sessions logged with timestamp, IP, and duration
  • Session tracking — View and kill active SSH sessions from the panel

Access Control​

  • SSH access is controlled by plan permissions
  • ROOT can enable/disable SSH for any user
  • Users can manage their own SSH keys
  • Shell access type (SFTP-only vs full shell) is configurable per user

If you encounter any issues with this feature, please open a report in the Bug Reports forum.

Related Topics​


---
For issues with this feature, please report in the Bug Reports forum.
 
Last edited:
Status
Not open for further replies.
Back
Top