ssh login as user and change to root, without sudo
I have the following task:
- the command has to be run as root on server remotely in bash script over ssh and the command output has to be fetched in variable.
- logging over ssh as root is disabled.
- sudo on server is disabled, so I have to use su.
- EDIT: since I want to make it as automated as possible in bash, the password has to be stored inside command
I have Googled for days, but it seems that I cannot find a solution for this.
Solution proposed here: ssh to server and switch user and change a directory
ssh -t username@hostname "sudo su - otheruser -c \"cd /path/to/directory && command\""
does not work because sudo is disabled on server:
Does anyone have a solution to this?
ssh su
To switch to another user, you need not use sudo su - username, you can plainly use su - username.
– Mukesh Sai Kumar
Apr 6 '18 at 16:55
Thanks for your answer @MukeshSaiKumar. Do you really think that I have "Googled for days" just to find "su" command? Also have you at least tried this? It is not working!
– spaceman117X
Apr 9 '18 at 7:26
su is already a setuid binary, so it must be able to switch to any user which you demand it to, with proper authentication. If su doesn't seem to be working, check if it has the setuid bit set.
– Mukesh Sai Kumar
Apr 21 '18 at 18:32
asked Apr 6 '18 at 16:25 by spaceman117X (edited Apr 9 '18 at 7:18)
6 Answers
Perhaps somewhat off topic but this could be achieved with Python and the paramiko module:
#!/usr/bin/python2
import time
import paramiko

ssh = paramiko.SSHClient()
# AutoAddPolicy accepts any unknown host key without verification.
ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
ssh.connect('127.0.0.1', port=22, username='user', password='pass')
stdin, stdout, stderr = ssh.exec_command('su')
time.sleep(0.1)  # some environments may need this.
stdin.write('root_password_goes_here\n')
# [ add extra code here to execute a command ]
stdin.flush()
print (stdout.readlines())
ssh.close()
It should be noted that storing passwords in script generally is a bad idea from a security perspective. Make sure you have proper permissions set to the script (e.g. chmod 740).
answered Apr 9 '18 at 7:30 by Jeroen - IT Nerdbox (edited Jan 24 at 16:31 by Yaoweilei)
Thanks! looks nice, I heard about paramiko but I have not used it so far. I will try this. I am always interested in trying some alternative methods.
– spaceman117X
Apr 9 '18 at 7:35
I just tried this. I put both regular user and root password. However, when I put touch /tmp/test/ into the [ add extra code here to execute a command ] line it looks like that /tmp/test is still owned by regular user and not root. I have also tried to do it in one line like this stdin, stdout, stderr = ssh.exec_command('su root -c "touch /tmp/test"') stdin.write('password\n') then /tmp/test is not created. Any ideas?
– spaceman117X
Apr 9 '18 at 9:49
When I'm home later today I will see what I can come up with for you. I should have something similar somewhere that you could use.
– Jeroen - IT Nerdbox
Apr 9 '18 at 14:06
Login via SSH (as unprivileged user), then run the command su without any arguments to change to the root user. You will need the root password to do this. Then run whatever commands you want to run.
EDIT: If you want to do it in one line, you can use the following:
ssh username@hostname "su -c \"code_here\""
If this doesn't work, make sure the root password is enabled by running passwd as root. This will ask you for a new root password.
Extra: To run a command as another user besides root (Please note that this requires the target user's password):
ssh username@hostname "su - username_of_target -c \"code_here\""
answered Apr 6 '18 at 16:30 by Giraffer (edited Apr 6 '18 at 22:10)
Thanks for your answer @Giraffer and everyone who voted this up. Have you at least tried this? It is not working! it says:
user@server ~ $ ssh admin@server "su - root -c "code_here""
admin@server.com's password:
su: must be run from a terminal
Please do not post stuffs that are not checked. Everyone can copy/paste from google!
– spaceman117X
Apr 9 '18 at 7:30
I have checked, and it worked. No copy/paste from google here. Did you run passwd as root before hand?
– Giraffer
Apr 10 '18 at 2:28
The issue here can be different versions of the su command, as I found on another websites. But then I would need to upgrade su on all servers. That's why python solution might be better and easier in this case.
– spaceman117X
Apr 10 '18 at 6:38
So, after 4 hours of additional web crawling, I finally made it! Big thanks for @jeroen-it-nerdbox for giving me insights on this:
Task was to take data from smartctl (which requires root credentials), from server with disabled ssh-root and disabled sudo.
This will of course also work with sudo instead of su.
here is the full workable code in Python with Paramiko implementation.
#!/usr/bin/python2
import paramiko

ssh = paramiko.SSHClient()
ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
ssh.connect('rootserver.domain.com', port=22, username='admin', password='adminpass')
# get_pty=True gives su the terminal it requires for its password prompt.
stdin, stdout, stderr = ssh.exec_command('/bin/su root -c "smartctl -a /dev/sda > /tmp/smartctl_output"', get_pty=True)
stdin.write('rootpass\n')
stdin.flush()
print (stdout.readlines())
ssh.close()
You can also use paramiko invoke shell command for interactive session.
https://www.youtube.com/watch?v=lLKdxIu3-A4
import paramiko
from paramiko.channel import Channel
import time

ssh = paramiko.SSHClient()
ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
ssh.connect('ip', port=22, username='non-root', password='non-root-password')
# invoke_shell() opens an interactive shell with a pty, which su needs.
channel: Channel = ssh.invoke_shell()
print(type(channel))
channel_data = str()
while True:
    # Wait until the remote shell has printed its banner/prompt.
    if channel.recv_ready():
        time.sleep(2)
        channel_data += str(channel.recv(999))
    else:
        continue
    channel.send("whoami\n")
    time.sleep(2)
    channel_data += str(channel.recv(999))
    channel.send("su\n")
    time.sleep(5)
    channel_data += str(channel.recv(999))
    # if "Password" in channel_data:
    channel.send("rootpassword\n")
    time.sleep(2)
    channel_data += str(channel.recv(999))
    # Second whoami shows whether the switch to root succeeded.
    channel.send("whoami\n")
    time.sleep(2)
    channel_data += str(channel.recv(999))
    # channel_data += str(channel.recv(999))
    break
print(channel_data)
For somewhat less of a security nightmare than putting the root password in a script, you can use a setuid executable.
setuid executables are run as root, no matter which user executes them.
The main advantage of this is that if someone steals your laptop, they can run smartctl -a /dev/sda as root, but otherwise only have your user privileges. Or even less, if you set up a public key with a forced command as mentioned later.
Write a simple C program, smartctl_wrapper.c, that simply runs the script or program you need, like this:
#include <stdio.h>
#include <unistd.h>

int main(void) {
    //depending on your use case, you may want
    //setuid(0), setgid(0), and/or setegid(0) here
    execl("/full/path/to/smartctl", "smartctl", "-a", "/dev/sda", (char *) NULL);
    perror("execl"); //only reached if execl() failed
    return 1;
}
And compile it as gcc smartctl_wrapper.c -o smartctl_wrapper.
You then make this belong to root, and the group that should be able to run it. These commands should be run as root:
chown root:some_group smartctl_wrapper
Then make it a setuid executable. Also prevent any user from editing it:
chmod 4510 smartctl_wrapper
This is now an executable that can be run by any member of some_group with root permissions, without requiring any password.
Now you can simply run it with ssh:
ssh user@server.domain /path/to/smartctl_wrapper
If the server allows it, you can set up the ssh connection with a public key to allow connections without a password. You can also use forced commands so that this key isn't good for anything besides running this script.
If the server does not allow it, you can instead make a script with the ssh password in it. In this case, I would highly recommend you make a new user just for this with minimal permissions and a login shell of /sbin/nologin.
Alternatively, for your specific use case it may make more sense to avoid running commands as root over ssh entirely. You could, for example, schedule this command to run periodically using cron. You can edit root's crontab with:
su -c "crontab -e -u root"
and adding the line:
5 0 * * sun smartctl -a /dev/sda >> /some/path/to/log/some/non/root/user/can/read
The line given will run the command once weekly, 5 minutes after midnight on Sunday. You can tweak this to your liking, following the directions in crontab(5).
Then you can use ssh just to read the logs.
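The setuid-wrapper and forced-command setup from the answer above, as an added shell example that is not part of any answer: audit_wrapper checks that a deployed wrapper still matches the chown root:some_group / chmod 4510 state, and forced_command_entry builds the authorized_keys line that pins a key to it. The function names, the /usr/local/bin path and the key in the usage comment are assumptions; the restrict option needs OpenSSH 7.2 or later.

```shell
#!/bin/sh
# Added example, not code from the answers. Function names are hypothetical.

# audit_wrapper PATH [EXPECTED_UID]
# Prints a space-separated list of problems (empty when the file matches the
# "chown root:some_group" + "chmod 4510" setup) and returns non-zero if any.
# EXPECTED_UID defaults to 0 (root); it is a parameter only so the check can
# be exercised on a scratch file without being root.
audit_wrapper() {
    aw_file=$1
    aw_uid=${2:-0}
    aw_problems=""

    # A symlink could be repointed at another binary; require a plain file.
    if [ ! -f "$aw_file" ] || [ -L "$aw_file" ]; then
        echo "not-a-regular-file"
        return 1
    fi

    # "ls -ldn" prints e.g. "-r-s--x--- 1 0 1001 ..."; keep mode and numeric owner.
    set -- $(ls -ldn -- "$aw_file" | awk '{print $1, $3}')
    aw_mode=$1
    aw_owner=$2

    # A setuid binary runs with the privileges of its owner, so owner matters.
    [ "$aw_owner" = "$aw_uid" ] || aw_problems="$aw_problems wrong-owner"
    # Character 4 of the mode string is s/S when the setuid bit is set.
    case $aw_mode in ???[sS]*) ;; *) aw_problems="$aw_problems no-setuid" ;; esac
    # Anyone who can write the file can replace what runs as root.
    case $aw_mode in ?????w*) aw_problems="$aw_problems group-writable" ;; esac
    case $aw_mode in ????????w*) aw_problems="$aw_problems world-writable" ;; esac
    # World-executable would bypass the some_group restriction.
    case $aw_mode in ?????????[xt]*) aw_problems="$aw_problems world-executable" ;; esac

    echo "${aw_problems# }"
    [ -z "$aw_problems" ]
}

# forced_command_entry WRAPPER_PATH PUBKEY_LINE
# Prints an authorized_keys line for the unprivileged account. With it, the
# key can only ever start WRAPPER_PATH, whatever command the client sends;
# "restrict" also turns off pty allocation and all forwarding for that key.
forced_command_entry() {
    case $1 in
        /*) ;;
        *) echo "wrapper path must be absolute" >&2; return 1 ;;
    esac
    case $1 in
        *\"*) echo "wrapper path must not contain a double quote" >&2; return 1 ;;
    esac
    case $2 in
        ssh-ed25519\ *|ssh-rsa\ *|ecdsa-sha2-nistp*\ *) ;;
        *) echo "unrecognised public key line" >&2; return 1 ;;
    esac
    printf 'restrict,command="%s" %s\n' "$1" "$2"
}

# Usage sketch (paths, account and key file are placeholders):
#   on the server, as root:
#     audit_wrapper /usr/local/bin/smartctl_wrapper
#     forced_command_entry /usr/local/bin/smartctl_wrapper "$(cat id_ed25519.pub)" \
#         >> /home/user/.ssh/authorized_keys
#   in the calling bash script, no password stored anywhere:
#     output=$(ssh -i ~/.ssh/smartctl_key -o BatchMode=yes user@server.domain)
```

Because the forced command ignores whatever the client asks for, the ssh call needs no remote command argument, and a stolen key yields only the smartctl output.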
you can do this simply like this in full bash :
sucmd="sh -c 'sleep 3; echo $pass' | script -qc 'su -c ./yourscript.sh root '"
ssh -t -l "$user" "$ipaddress" -p 22 "$sucmd"
kind regards,
Christophe Casalegno
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "106"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f436013%2fssh-login-as-user-and-change-to-root-without-sudo%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
6 Answers
6
active
oldest
votes
6 Answers
6
active
oldest
votes
active
oldest
votes
active
oldest
votes
Perhaps somewhat off topic but this could be achieved with Python and the paramiko module:
#!/usr/bin/python2
import time
import paramiko
ssh = paramiko.SSHClient()
ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
ssh.connect('127.0.0.1', port=22, username='user', password='pass')
stdin, stdout, stderr = ssh.exec_command('su')
time.sleep(0.1) # some enviroment maybe need this.
stdin.write('root_password_goes_heren')
[ add extra code here to execute a command ]
stdin.flush()
print (stdout.readlines())
ssh.close()
It should be noted that storing passwords in script generally is a bad idea from a security perspective. Make sure you have proper permissions set to the script (e.g. chmod 740)
Thanks! looks nice, I heard about paramiko but I have not used it so far. I will try this. I am always interested in trying some alternative methods.
– spaceman117X
Apr 9 '18 at 7:35
I just tried this. I put both regular user and root password. However, when I puttouch /tmp/test/into the[ add extra code here to execute a command ]line it looks like that /tmp/test is still owned by regular user and not root. I have also tried to do it in one line like thisstdin, stdout, stderr = ssh.exec_command('su root -c "touch /tmp/test"') stdin.write('passwordn')then /tmp/test is not created. Any ideas?
– spaceman117X
Apr 9 '18 at 9:49
When I'm home later today I will see what I can come up with for you. I should have something similar somewhere that you could use.
– Jeroen - IT Nerdbox
Apr 9 '18 at 14:06
add a comment |
Perhaps somewhat off topic but this could be achieved with Python and the paramiko module:
#!/usr/bin/python2
import time
import paramiko
ssh = paramiko.SSHClient()
ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
ssh.connect('127.0.0.1', port=22, username='user', password='pass')
stdin, stdout, stderr = ssh.exec_command('su')
time.sleep(0.1) # some enviroment maybe need this.
stdin.write('root_password_goes_heren')
[ add extra code here to execute a command ]
stdin.flush()
print (stdout.readlines())
ssh.close()
It should be noted that storing passwords in script generally is a bad idea from a security perspective. Make sure you have proper permissions set to the script (e.g. chmod 740)
Thanks! looks nice, I heard about paramiko but I have not used it so far. I will try this. I am always interested in trying some alternative methods.
– spaceman117X
Apr 9 '18 at 7:35
I just tried this. I put both regular user and root password. However, when I puttouch /tmp/test/into the[ add extra code here to execute a command ]line it looks like that /tmp/test is still owned by regular user and not root. I have also tried to do it in one line like thisstdin, stdout, stderr = ssh.exec_command('su root -c "touch /tmp/test"') stdin.write('passwordn')then /tmp/test is not created. Any ideas?
– spaceman117X
Apr 9 '18 at 9:49
When I'm home later today I will see what I can come up with for you. I should have something similar somewhere that you could use.
– Jeroen - IT Nerdbox
Apr 9 '18 at 14:06
add a comment |
Perhaps somewhat off topic but this could be achieved with Python and the paramiko module:
#!/usr/bin/python2
import time
import paramiko
ssh = paramiko.SSHClient()
ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
ssh.connect('127.0.0.1', port=22, username='user', password='pass')
stdin, stdout, stderr = ssh.exec_command('su')
time.sleep(0.1) # some enviroment maybe need this.
stdin.write('root_password_goes_heren')
[ add extra code here to execute a command ]
stdin.flush()
print (stdout.readlines())
ssh.close()
It should be noted that storing passwords in script generally is a bad idea from a security perspective. Make sure you have proper permissions set to the script (e.g. chmod 740)
Perhaps somewhat off topic but this could be achieved with Python and the paramiko module:
#!/usr/bin/python2
import time
import paramiko
ssh = paramiko.SSHClient()
ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
ssh.connect('127.0.0.1', port=22, username='user', password='pass')
stdin, stdout, stderr = ssh.exec_command('su')
time.sleep(0.1) # some enviroment maybe need this.
stdin.write('root_password_goes_heren')
[ add extra code here to execute a command ]
stdin.flush()
print (stdout.readlines())
ssh.close()
It should be noted that storing passwords in script generally is a bad idea from a security perspective. Make sure you have proper permissions set to the script (e.g. chmod 740)
edited Jan 24 at 16:31
Yaoweilei
32 bronze badges
32 bronze badges
answered Apr 9 '18 at 7:30
Jeroen - IT NerdboxJeroen - IT Nerdbox
1363 bronze badges
1363 bronze badges
Thanks! looks nice, I heard about paramiko but I have not used it so far. I will try this. I am always interested in trying some alternative methods.
– spaceman117X
Apr 9 '18 at 7:35
I just tried this. I put both regular user and root password. However, when I puttouch /tmp/test/into the[ add extra code here to execute a command ]line it looks like that /tmp/test is still owned by regular user and not root. I have also tried to do it in one line like thisstdin, stdout, stderr = ssh.exec_command('su root -c "touch /tmp/test"') stdin.write('passwordn')then /tmp/test is not created. Any ideas?
– spaceman117X
Apr 9 '18 at 9:49
When I'm home later today I will see what I can come up with for you. I should have something similar somewhere that you could use.
– Jeroen - IT Nerdbox
Apr 9 '18 at 14:06
add a comment |
Thanks! looks nice, I heard about paramiko but I have not used it so far. I will try this. I am always interested in trying some alternative methods.
– spaceman117X
Apr 9 '18 at 7:35
I just tried this. I put both regular user and root password. However, when I puttouch /tmp/test/into the[ add extra code here to execute a command ]line it looks like that /tmp/test is still owned by regular user and not root. I have also tried to do it in one line like thisstdin, stdout, stderr = ssh.exec_command('su root -c "touch /tmp/test"') stdin.write('passwordn')then /tmp/test is not created. Any ideas?
– spaceman117X
Apr 9 '18 at 9:49
When I'm home later today I will see what I can come up with for you. I should have something similar somewhere that you could use.
– Jeroen - IT Nerdbox
Apr 9 '18 at 14:06
Thanks! looks nice, I heard about paramiko but I have not used it so far. I will try this. I am always interested in trying some alternative methods.
– spaceman117X
Apr 9 '18 at 7:35
Thanks! looks nice, I heard about paramiko but I have not used it so far. I will try this. I am always interested in trying some alternative methods.
– spaceman117X
Apr 9 '18 at 7:35
I just tried this. I put both regular user and root password. However, when I put
touch /tmp/test/ into the [ add extra code here to execute a command ] line it looks like that /tmp/test is still owned by regular user and not root. I have also tried to do it in one line like this stdin, stdout, stderr = ssh.exec_command('su root -c "touch /tmp/test"') stdin.write('passwordn') then /tmp/test is not created. Any ideas?– spaceman117X
Apr 9 '18 at 9:49
I just tried this. I put both regular user and root password. However, when I put
touch /tmp/test/ into the [ add extra code here to execute a command ] line it looks like that /tmp/test is still owned by regular user and not root. I have also tried to do it in one line like this stdin, stdout, stderr = ssh.exec_command('su root -c "touch /tmp/test"') stdin.write('passwordn') then /tmp/test is not created. Any ideas?– spaceman117X
Apr 9 '18 at 9:49
When I'm home later today I will see what I can come up with for you. I should have something similar somewhere that you could use.
– Jeroen - IT Nerdbox
Apr 9 '18 at 14:06
When I'm home later today I will see what I can come up with for you. I should have something similar somewhere that you could use.
– Jeroen - IT Nerdbox
Apr 9 '18 at 14:06
add a comment |
Login via SSH (as unprivileged user), then run the command su without any arguments to change to the root user. You will need the root password to do this. Then run whatever commands you want to run.
EDIT: If you want to do it in one line, you can use the following:ssh username@hostname "su -c "code_here""
If this doesn't work, make sure the root password is enabled by running passwd as root. This will ask you for a new root password.
Extra: To run a command as another user besides root (Please note that this requires the target user's password):ssh username@hostname "su - username_of_target -c "code_here""
Thanks for your answer @Giraffer and everyone who voted this up. Have you at least tried this? It is not working! it says:user@server ~ $ ssh admin@server "su - root -c "code_here""admin@server.com's password: su: must be run from a terminalPlease do not post stuffs that are not checked. Everyone can copy/paste from google!
– spaceman117X
Apr 9 '18 at 7:30
I have checked, and it worked. No copy/paste from google here. Did you runpasswdas root before hand?
– Giraffer
Apr 10 '18 at 2:28
The issue here can be different versions of the su command, as I found on another websites. But then I would need to upgrade su on all servers. Thats why python solution might be better and easier in this case.
– spaceman117X
Apr 10 '18 at 6:38
add a comment |
Login via SSH (as unprivileged user), then run the command su without any arguments to change to the root user. You will need the root password to do this. Then run whatever commands you want to run.
EDIT: If you want to do it in one line, you can use the following:ssh username@hostname "su -c "code_here""
If this doesn't work, make sure the root password is enabled by running passwd as root. This will ask you for a new root password.
Extra: To run a command as another user besides root (Please note that this requires the target user's password):ssh username@hostname "su - username_of_target -c "code_here""
Thanks for your answer @Giraffer and everyone who voted this up. Have you at least tried this? It is not working! it says:user@server ~ $ ssh admin@server "su - root -c "code_here""admin@server.com's password: su: must be run from a terminalPlease do not post stuffs that are not checked. Everyone can copy/paste from google!
– spaceman117X
Apr 9 '18 at 7:30
I have checked, and it worked. No copy/paste from google here. Did you runpasswdas root before hand?
– Giraffer
Apr 10 '18 at 2:28
The issue here can be different versions of the su command, as I found on another websites. But then I would need to upgrade su on all servers. Thats why python solution might be better and easier in this case.
– spaceman117X
Apr 10 '18 at 6:38
add a comment |
Login via SSH (as unprivileged user), then run the command su without any arguments to change to the root user. You will need the root password to do this. Then run whatever commands you want to run.
EDIT: If you want to do it in one line, you can use the following:ssh username@hostname "su -c "code_here""
If this doesn't work, make sure the root password is enabled by running passwd as root. This will ask you for a new root password.
Extra: To run a command as another user besides root (Please note that this requires the target user's password):ssh username@hostname "su - username_of_target -c "code_here""
Login via SSH (as unprivileged user), then run the command su without any arguments to change to the root user. You will need the root password to do this. Then run whatever commands you want to run.
EDIT: If you want to do it in one line, you can use the following:ssh username@hostname "su -c "code_here""
If this doesn't work, make sure the root password is enabled by running passwd as root. This will ask you for a new root password.
Extra: To run a command as another user besides root (Please note that this requires the target user's password):ssh username@hostname "su - username_of_target -c "code_here""
edited Apr 6 '18 at 22:10
answered Apr 6 '18 at 16:30
GirafferGiraffer
1348 bronze badges
1348 bronze badges
Thanks for your answer @Giraffer and everyone who voted this up. Have you at least tried this? It is not working! it says:user@server ~ $ ssh admin@server "su - root -c "code_here""admin@server.com's password: su: must be run from a terminalPlease do not post stuffs that are not checked. Everyone can copy/paste from google!
– spaceman117X
Apr 9 '18 at 7:30
I have checked, and it worked. No copy/paste from google here. Did you runpasswdas root before hand?
– Giraffer
Apr 10 '18 at 2:28
The issue here can be different versions of the su command, as I found on another websites. But then I would need to upgrade su on all servers. Thats why python solution might be better and easier in this case.
– spaceman117X
Apr 10 '18 at 6:38
add a comment |
Thanks for your answer @Giraffer and everyone who voted this up. Have you at least tried this? It is not working! it says:user@server ~ $ ssh admin@server "su - root -c "code_here""admin@server.com's password: su: must be run from a terminalPlease do not post stuffs that are not checked. Everyone can copy/paste from google!
– spaceman117X
Apr 9 '18 at 7:30
I have checked, and it worked. No copy/paste from google here. Did you runpasswdas root before hand?
– Giraffer
Apr 10 '18 at 2:28
The issue here can be different versions of the su command, as I found on another websites. But then I would need to upgrade su on all servers. Thats why python solution might be better and easier in this case.
– spaceman117X
Apr 10 '18 at 6:38
So, after 4 hours of additional web crawling, I finally made it! Big thanks to @jeroen-it-nerdbox for giving me insights on this:
The task was to take data from smartctl (which requires root credentials) from a server with disabled ssh-root and disabled sudo.
This will of course also work with sudo instead of su.
Here is the full working code in Python with a Paramiko implementation.
    #!/usr/bin/python2
    import paramiko

    ssh = paramiko.SSHClient()
    # AutoAddPolicy accepts any host key the client has not seen before
    ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
    ssh.connect('rootserver.domain.com', port=22, username='admin', password='adminpass')
    # get_pty=True gives su the terminal it needs for its password prompt
    stdin, stdout, stderr = ssh.exec_command('/bin/su root -c "smartctl -a /dev/sda > /tmp/smartctl_output"', get_pty=True)
    # answer the prompt with the root password, terminated by a newline
    stdin.write('rootpass\n')
    stdin.flush()
    print (stdout.readlines())
    ssh.close()
answered Apr 9 '18 at 14:06
spaceman117X
You can also use Paramiko's invoke_shell command for an interactive session.
https://www.youtube.com/watch?v=lLKdxIu3-A4
    import paramiko
    from paramiko.channel import Channel
    import time

    ssh = paramiko.SSHClient()
    ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
    ssh.connect('ip', port=22, username='non-root', password='non-root-password')
    # invoke_shell() opens an interactive login shell on a PTY
    channel: Channel = ssh.invoke_shell()
    print(type(channel))
    channel_data = str()
    while True:
        # wait until the shell has printed its banner/prompt
        if channel.recv_ready():
            time.sleep(2)
            channel_data += str(channel.recv(999))
        else:
            continue
        channel.send("whoami\n")
        time.sleep(2)
        channel_data += str(channel.recv(999))
        channel.send("su\n")
        time.sleep(5)
        channel_data += str(channel.recv(999))
        # if "Password" in channel_data:
        channel.send("rootpaasword\n")
        time.sleep(2)
        channel_data += str(channel.recv(999))
        channel.send("whoami\n")
        time.sleep(2)
        channel_data += str(channel.recv(999))
        # channel_data += str(channel.recv(999))
        break
    print(channel_data)
answered Dec 28 '18 at 10:39
Chetan Kolhe
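The two Paramiko answers above hard-code both passwords, accept unknown host keys and, in the second one, rely on fixed sleeps. As an added example (not code from either poster), the helper below waits for su's prompt before answering it, reads the passwords with getpass and rejects hosts that are not in known_hosts. The function names and the English "Password:" prompt are assumptions; the host name, user and command are the placeholders used in the answers.

```python
import re
import shlex

# su's prompt in an English locale (assumption; other locales word it differently)
PROMPT = re.compile(rb"[Pp]assword:\s*$")


def _text(raw):
    """Decode PTY output and normalise its CRLF line endings."""
    return raw.decode(errors="replace").replace("\r\n", "\n").lstrip("\n")


def su_exec(channel, root_password, command, timeout=15.0):
    """Run `command` as root through su; return (exit_status, output).

    `channel` is a fresh paramiko session channel (or any object with the
    same get_pty/exec_command/recv/sendall/recv_exit_status methods).
    """
    channel.settimeout(timeout)      # recv() raises socket.timeout instead of hanging
    channel.get_pty()                # su refuses to prompt without a terminal
    channel.exec_command("/bin/su root -c " + shlex.quote(command))

    seen = b""
    while not PROMPT.search(seen):   # wait for the prompt instead of sleeping
        chunk = channel.recv(4096)
        if not chunk:                # EOF first: su exited without asking
            return channel.recv_exit_status(), _text(seen)
        seen += chunk

    # The password travels over the channel's stdin, never on a command line.
    channel.sendall((root_password + "\n").encode())

    output = b""
    while True:                      # everything after the prompt is command output
        chunk = channel.recv(4096)
        if not chunk:
            break
        output += chunk
    return channel.recv_exit_status(), _text(output)


def main():
    import getpass
    import paramiko                  # third-party; only needed for a real connection

    client = paramiko.SSHClient()
    client.load_system_host_keys()   # accept only hosts already in known_hosts
    client.set_missing_host_key_policy(paramiko.RejectPolicy())
    client.connect("rootserver.domain.com", port=22, username="admin",
                   password=getpass.getpass("admin password: "))
    try:
        channel = client.get_transport().open_session()
        status, out = su_exec(channel, getpass.getpass("root password: "),
                              "smartctl -a /dev/sda")
        print("exit status:", status)
        print(out)
    finally:
        client.close()


if __name__ == "__main__":
    main()
```

A non-zero exit status with "su: Authentication failure" in the output means the root password was rejected; output that arrives with no prompt at all means su never asked for one.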
For somewhat less of a security nightmare than putting the root password in a script, you can use a setuid executable.
setuid executables are run as root, no matter which user executes them.
The main advantage of this is that if someone steals your laptop, they can run smartctl -a /dev/sda as root, but otherwise only have your user privileges. Or even less, if you set up a public key with a forced command as mentioned later.
Write a simple C program, smartctl_wrapper.c, that simply runs the script or program you need, like this:
    #include <stdio.h>
    #include <unistd.h>

    int main(void) {
        // depending on your use case, you may want
        // setuid(0), setgid(0), and/or setegid(0) here
        execl("/full/path/to/smartctl", "smartctl", "-a", "/dev/sda", (char*) NULL);
        perror("execl");  // only reached if execl failed
        return 1;
    }
And compile it as gcc smartctl_wrapper.c -o smartctl_wrapper.
You then make this belong to root, and the group that should be able to run it. These commands should be run as root:
    chown root:some_group smartctl_wrapper
Then make it a setuid executable. Also prevent any user from editing it:
    chmod 4510 smartctl_wrapper
This is now an executable that can be run by any member of some_group with root permissions, without requiring any password.
Now you can simply run it with ssh:
    ssh user@server.domain /path/to/smartctl_wrapper
If the server allows it, you can set up the ssh connection with a public key to allow connections without a password. You can also use forced commands so that this key isn't good for anything besides running this script.
If the server does not allow it, you can instead make a script with the ssh password in it. In this case, I would highly recommend you make a new user just for this with minimal permissions and a login shell of /sbin/nologin.
Alternatively, for your specific use case it may make more sense to avoid running commands as root over ssh entirely. You could, for example, schedule this command to run periodically using cron. You can edit root's crontab with:
    su -c "crontab -e -u root"
and add the line:
    5 0 * * sun smartctl -a /dev/sda >> /some/path/to/log/some/non/root/user/can/read
The line given will run the command once weekly, 5 minutes after midnight on Sunday. You can tweak this to your liking, following the directions in crontab(5).
Then you can use ssh just to read the logs.
edited Jan 30 at 10:20
answered Jan 30 at 9:53
Chris
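An added check for the forced-command setup suggested in the answer above (example code, not the answerer's): it parses the option list of each authorized_keys line and reports keys that are not pinned to the wrapper or that still allow a PTY or forwarding. The sample file, the function names and the use of OpenSSH's restrict option are assumptions; /path/to/smartctl_wrapper is the placeholder path from the answer.

```python
import re

KEY_TYPE = re.compile(
    r"^(ssh-(ed25519|rsa|dss)|ecdsa-sha2-nistp(256|384|521)|sk-[a-z0-9-]+@openssh\.com)$")
LOCKDOWN = {"no-pty", "no-port-forwarding", "no-agent-forwarding", "no-x11-forwarding"}
REOPEN = {"pty", "port-forwarding", "agent-forwarding", "x11-forwarding"}

# Constructed sample for the account that runs the wrapper; key blobs are placeholders.
SAMPLE = '''\
# monitoring account
command="/path/to/smartctl_wrapper",restrict ssh-ed25519 AAAA...placeholder monitor@laptop
ssh-ed25519 AAAA...placeholder admin@desktop
command="/path/to/smartctl_wrapper",restrict,pty ssh-rsa AAAA...placeholder old@host
command="echo \\"hi, there\\"",no-pty ssh-ed25519 AAAA...placeholder test@host
'''


def parse_options(line):
    """Return the options of one authorized_keys line as {lowercased name: value}."""
    if KEY_TYPE.match(line.split(None, 1)[0]):
        return {}                      # line starts with the key type: no options
    opts, token, quoted, i = {}, "", False, 0
    while i < len(line):
        ch = line[i]
        if quoted and ch == "\\" and line[i + 1:i + 2] == '"':
            token += '"'               # \" inside a quoted value is a literal quote
            i += 1
        elif ch == '"':
            quoted = not quoted
        elif not quoted and ch in ", \t":
            name, _, value = token.partition("=")
            if name:
                opts[name.lower()] = value
            token = ""
            if ch != ",":              # first unquoted blank ends the option list
                break
        else:
            token += ch
        i += 1
    return opts


def audit(text, allowed_command):
    """Return [(line_number, problem)] for keys not pinned to allowed_command."""
    findings = []
    for number, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        opts = parse_options(line)
        names = set(opts)
        if opts.get("command") != allowed_command:
            findings.append((number, "not forced to the wrapper"))
        if "restrict" not in names and not LOCKDOWN <= names:
            findings.append((number, "pty/forwarding not disabled"))
        reopened = sorted(REOPEN & names)  # flagged conservatively, whatever the order
        if "restrict" in names and reopened:
            findings.append((number, "restrict re-opened by " + ",".join(reopened)))
    return findings


if __name__ == "__main__":
    for number, problem in audit(SAMPLE, "/path/to/smartctl_wrapper"):
        print("line %d: %s" % (number, problem))
```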
You can do this simply like this in full bash:
    sucmd="sh -c 'sleep 3; echo $pass' | script -qc 'su -c ./yourscript.sh root '"
    ssh -t -l "$user" "$ipaddress" -p 22 "$sucmd"
Kind regards,
answered 26 mins ago
Christophe Casalegno
To switch to another user, you need not use sudo su - username, you can plainly use su - username.
– Mukesh Sai Kumar
Apr 6 '18 at 16:55
Thanks for your answer @MukeshSaiKumar. Do you really think that I have "Googled for days" just to find "su" command? Also have you at least tried this? It is not working!
– spaceman117X
Apr 9 '18 at 7:26
su is already a setuid binary, so it must be able to switch to any user which you demand it to, with proper authentication. If su doesn't seem to be working, check if it has the setuid bit set.
– Mukesh Sai Kumar
Apr 21 '18 at 18:32