I'm facing a problem here, I'd like to use putty cmd to execute script on my remote server, just like below.
putty.exe -ssh [domain] -l [user] -pw [password] hello.pl
However it's required a root permission to execute it. Is there any way to gain a root permission when use putty cmd as default?
Thanks.
Yes, user should be root, and password should be the password for root - obviously, you can only use this approach if you know root's password, and it is a bit insecure so I don't recommend it. If root doesn't have a password, you can set one with sudo passwd.
If root logins are disallowed in the server's configuration, you can:
use sudo hello.pl as the command, and disable asking for the password in /etc/sudoers
or set the setuid bit on hello.pl. (Note that this may be disallowed by the operating system for security reasons!)
However, both ways may require assistance from your system administrator, if you have one.
Related
Need to run bash-script at sudo-user on remote hosts using Ansible. My working machine is Win10 + Cygwin (sorry, it wasn't my fault).
So, i tested it on non-sudo scripts (it doesn't need root access) - and it works.
No, first time it didn't work at all: Failed to connect to the host via ssh: my_user#server1: Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password)
So, i used this: "ssh-keygen -t rsa" -> "ssh-copy-id my_user#server1" || "ssh-copy-id my_user#server2" under my_user: created an ssh-key and shered it to remote hosts. After that i could run scripts under my_user on server1, server2 and so on...
Now, i need run sudo-scripts. But i can't understand, how it'll be.
on Cygwin there're no ROOT-user. And i don't know, how can to generete ssh-key for nonexistent user.
how to run ansible playbook with root? remote_user: root goes with error: Failed to connect to the host via ssh: my_user#server1: Permission denied Look, it's my_user, not root. Does it run as my_user or root-user?
Maybe i do it wrong at all, and are there any "best practice"-vay to run sudo-scripts?
Oh, please, give me a help to solve my problem.
Seems like auth as root disabled on remote server.
In /etc/ssh/sshd_config find PermitRootLogin and set it on Yes, but I'll not recommend you to do that.
Actually, use exactly root user - it's bad practice.
Check permissions for your my_user. Maybe you can grant it sudo rights without password.
To do that edit /etc/sudoers as root, find this line:
# Allow members of group sudo to execute any command
And after it add this:
my_user ALL=(ALL) NOPASSWD: ALL
After it you'll be able to execute any sudo command without password on remote machine.
I did it, but what i did?
So, steps of solution:
set become: true at playbook, abuote here:
hosts:
test_hosts
become: true
vars:
Next, run playbook with "-K" attibute: ansible-playbook ./your_playbook.yml -K
So, it works: ran and even exec scripts under sudo.
But i can't understand, how can i set what user i use as "executable user".
I need to do a sudo command on a ssh server.
It asks for password
[sudo] password for myname:
but it's apparently different from the password for ssh server itself.
Can sudo only be used by root?
If not, should I ask the maintenance people for the password?
Or is there a way to set it up myself?
See : http://www.gratisoft.us/sudo/sudoers.man.html
Specifically see rootpw, targetpw , etc.
It is possible to have two different passwords, one for the account and another for the sudo command.
You should ask to the Maintenance people....
I connect to a host via SSH with a passphrase. When i am in that host I want to install a few packages for which I have to switch to 'root'. While doing so, it asks for 'Password' and obviously my passphrase doesn't work here. This host is setup only for SSH access. How to get the password details?
You can't switch to the root-user with your own password for obvious reasons. Either you are allowed to sudo su root (which may ask for YOUR password) or you do su root (which asks for root's password)
I'm trying to connect to a server via plink. However, I'm getting the following error:
C:\>plink -ssh -pw password root#server-name
Using username "root".
Access denied
My sshd_config file contains PermitRootLogin yes, even though that's the default value, just to be sure. Is there some other configuration I need to set to allow this type of connection?
Please post or check contents of the log probably found at /var/log/auth.log.
Another question would be if you have a password added for your root account?
Otherwise you can try and set this using sudo passwd root.
My password contained special characters (!##$%^). I needed to add double-quotes around them to get it to not complain. Silly me!
Anyone knows how to ssh / su - by passing the password initially itself?
Like:
ssh username#hostname -p [password]
pbrun su - unix_owner -p [password]
How can I achieve this?
It shouldn't popup for password or any RSA authentication like yes/no.
I think you will probably need a sudoers file to get stuff done in a su like manner without being prompted for a password.
I have never used ssh without a password prompt, but found this which suggests it can be done...
passing a password in clear text is not intended by ssh.
Try to learn about ssh key authentication (google would help), you won't need to type your password anymore.
ok, more detailed, try this:
on the remote machine
> mkdir -p ~/.ssh #if neccessary
> touch ~/.ssh/authorized_keys2
> chmod go-rwx $HOME/.ssh/authorized_keys2
on your local machine:
> ssh-keygen # if neccessary
> cat ~/.ssh/id_rsa.pub | ssh root#remotehost "cat >> .ssh/authorized_keys2 && chmod 0600 ~/.ssh/authorized_keys2"
A better approach would be using ssh keys, like other answers recommend, but if you really need it, you can use expect for that.
Just create a expect.file like this one:
#!/usr/bin/env expect
set username youruser
set pass yourpassword
set host yourhost
spawn ssh ${username}#${host}
expect -re "password:"
send "${pass}\r"
expect -re "$"
interact
and execute it:
expect expect.file
Can't do it. You're invoking the passwd program on the remote machine. If it had a way to change a password without prompting for the old one, ANYONE could change your password if they got onto your console. You'd still need to pass the password in over the ssh link
As for SSH, you could use RSA keys, and those won't prompt you for passwords.
As for SU, it would have to be hardcoded or you would have to create your own application to serve as a wrapper of sorts.
I don't think you can pass in password directly to the ssh command (It will be stored in your history otherwise). Why don't you use keys to skip the authentication prompt.