Cantech Knowledge Base

Your Go-To Hosting Resource

  1. WHM
  2. How to Manage Shell Access from WHM?

How to Manage Shell Access from WHM?

Allowing Shell access (SSH) allows you to manage your server through a command-line interface.

Developers and admins who run scripts, manage large databases, or operate bulk files require it.

These are quicker than having a visual menu.

In WHM, it is possible to enable shell access for any specific user or even all users at once.

Understanding the Three Types of Shell Access

You need to know the three levels before you allow access. The correct selection will ensure your server is secure and the user is provided with the necessary tools.

Normal Shell – Full, unrestricted access to the command line. No restrictions on what the user can view in their permissions.

Jailed Shell -The safest alternative in shared environments.

It creates a virtual jail (VirtFS) that allows users to run commands but does not allow them to view or harm other users’ data or core system files.

Disabled Shell – This blocks out the user altogether from connecting via SSH.

This is the default setting for most accounts to ensure maximum security.

The first method is the utilization of the Manage Shell Access Tool.

Method 1: Using the Manage Shell Access Tool

This provides the quickest method of changing access levels for multiple users from a single screen.

  1. Log in to WHM using the root account.
  2. Go to the Account Functions menu and click on “Manage Shell Access.”
  3. You will have a list of all accounts, with radio buttons for Normal, Jailed, and Disabled shells. To change one user: Choose the preferred radio button for their username.
  4. To change all users: Click the Apply to all button at the top of the column, e.g., lock down the server by clicking on ‘Apply to all’ under Disabled Shell.

Method 2: Using “Modify an Account”

When you are already editing the disk space or bandwidth of a user, you can also enable SSH access through this menu.

  1. Log in to WHM and go to Account Functions.
  2. Click “Modify an Account.”
  3. Select the particular cPanel user and then click on Modify.
  4. A form will load with all the account details. Scroll down until you find the Privileges section.
  5. Check the box beside Shell Access. Scroll to the bottom and click Save.

Pro Tip:
When you enable shell access through the “Modify an Account” screen, the system will usually apply the “Jailed Shell” setting by default if your server is configured for it.

Conclusion

Shell access control is a very important aspect of server security. SSH is a powerful tool, and it should only be granted to trusted users. The Jailed Shell option is the most suitable option to provide functionality without compromising the safety of your entire VPS environment.

FAQs

Is Jailed Shell safe for my server?

Yes. Jailed Shell isolates users. They can only interact with their own files and a limited set of system commands, preventing them from affecting other websites on the server.

Can I give someone SSH access without a password?

Yes, for better security, you should use SSH Keys. This allows a user to log in using a digital key file instead of a password, which is much harder for hackers to crack.

Why is my user getting a “Permission Denied” error?

This normally happens when Shell Access is disabled in WHM or when the IP address of the user is blocked in the firewall of the server.

Does enabling SSH affect my server performance?

Running simple commands uses almost no resources. However, if a user runs a heavy script or a complex database query via SSH, it could temporarily increase the CPU load.

How do I disable SSH for everyone quickly?

Go to Manage Shell Access and click the Apply to all button under the Disabled Shell column. This immediately blocks out all the accounts on the server.

May 19, 2026