Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 10 years ago.
Improve this question
How do I enable root login to an Ubuntu Server 12.04?
That is, to be able to ssh as root. I can only login now as a regular user.
Thanks
Make sure you have set a root password (sudo su passwd)
Depending how your ssh is installed, you usually need to edit /etc/ssh/sshd_config and change "PermitRootLogin no" to "PermitRootLogin yes"
Edit /etc/ssh/sshd_config and add the following line:
PermitRootLogin yes
You really shouldn't allow direct SSH login as root. It's a pretty major security risk. See http://www.cyberciti.biz/tips/openssh-deny-or-restrict-access-to-users-and-groups.html
Why not log in as a user with sudo privileges then do 'sudo bash' or 'sudo sh'
This site explains a bit more: https://askubuntu.com/questions/57040/what-is-the-difference-between-su-sudo-bash-and-sudo-sh
If you really must enable ssh as root the first link should give you the info you need to configure OpenSSH assuming that's the server you're using.
You'll have to set a root password too, this site should help: https://help.ubuntu.com/community/RootSudo#Enabling%20the%20root%20account
Related
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 3 years ago.
Improve this question
I would like to setup a server with the ability for users to use SFTP to download files we have placed in their user folder and delete them. But not to be able to leave their folders. I was able to get that to work, but it had the unexpected issue of causing the regular users on the server to no longer be able to upload files to the server.
I am requiring the user to use a Password and SSH Key to login.
The setup I went with was:
addgroup --system sftponly
vim /etc/ssh/sshd_config
AuthenticationMethods publickey,password
PubkeyAuthentication yes
PasswordAuthentication yes
Subsystem sftp internal-sftp -P write
Match Group sftponly
ChrootDirectory /home/%u
ForceCommand internal-sftp -P write
X11Forwarding no
AllowTcpForwarding no
When Adding a User:
usermod -G sftponly $username
chown root:root /home/$username
chmod 755 /home/$username
mkdir /home/$username/ftp
chown $username:$username /home/$username/ftp
I would then put their user files in the FTP folder. Which they were able to read from and delete their own files.
What can I do to make a normal user (one not part of the sftponly group) able to upload files?
Leave the Match Group as is. Edit the "Subsystem" line.
From this:
Subsystem sftp internal-sftp -P write
To this:
Subsystem sftp internal-sftp
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 4 years ago.
Improve this question
I'm pulling my hair out over this and can't find a solution anywhere.
After a reboot I started getting "Connection refused" through port 22000 which was the one I had configured and SSH was still listening to(I double checked). I'm connecting from a PC on the same LAN.
I could connect to port 22 suddenly after that but there I got "Access denied" after entering my password. After troubleshooting this I got tired and reinstalled openssh, with that I got a clean config and everything including the firewall and selinux is now configured to use port 22 with these commands:
sudo semanage port -a -t ssh_port_t -p tcp 22
sudo firewall-cmd --permanent --zone=public --add-port=22/tcp
sudo firewall-cmd --reload
Still access denied even though it's the correct password, I know since I can use the exact same directly on the server.
I have tried:
Putting "PermitRootLogin yes" in the sshd_config and login with root but that is also denied, same with a new test account I made. I removed "AllowUsers [username]" from the config before this.
Restarted the SSH service and rebooted as well several times.
The solution here to no avail: Centos 7 Remote SSH access denied
Setting selinux to "Permissive"
Disabling the firewall
Changing password to one without special characters
Triple checking that the SSH service is running
Neither "/var/log/secure" nor "/var/log/messages" log anything regarding my attempts to login.
I must have missed something, anyone have any ideas what?
use: ssh -vvv username#host to check the issue.
Try creating a pem file and see if it works.
I solved it and I really don't want to post the answer since it was embarrassingly easy, but I refuse to leave the question unsolved for the poor souls with similar problems.
I rebooted my PC.... facedesk
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 10 years ago.
Improve this question
Is there a way to specifically ssh into a particular directory in remote location, specifically using the local ssh config file (not terminal)? Something like Dir option in the paragraph below, for example,
Host remote_dir
Hostname remote_server
User username
Dir path/to/remote_dir/
So, if I, ssh using the Host value from above paragraph,
ssh remote_dir
Then, I would like to be logged in and the terminal to be ready for me at path/to/remote_dir/ of the remote server,
username#remote_server: path/to/remote_dir/ > pwd
/home/username/path/to/remote_dir/
In this post on ServerFault, they say you can't do it all through the ssh config file. But you can do it with the ssh config and your .bash_profile or whatever the terminal nerds call it.
in the ssh config file add
Host dev
Hostname server.com
User joe
then in your .bash_profile add an alias
alias domain1="ssh dev -t 'cd domains/domain1; bash'"
Here the dev refers to what you set up in the config file.
In the Terminal, just type domain1, you will be asked to put in your password and will go straight to the directory. Make a new alias for all your domains and it will make logging in to each one super easy.
Take a look at
https://serverfault.com/questions/167416/change-directory-automatically-on-ssh-login
This is the accepted answer:
LocalCommand isn't what you want, anyway. That's run on your machine. You want RemoteCommand. Something like this worked for me:
Host example.net
RemoteCommand cd / && exec bash --login
RequestTTY yes
(Old answer) For a similar use case, ssh -t is also an option:
ssh server -t "cd /my/remote/directory; bash --login"
It is not the same, as it does not use ssh config. But you can define an alias for the command and end up with a similar effect.
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 10 years ago.
Improve this question
A client gave me a rsa and ppk file so I can log into their server. Im using OSX Lion and I have all my current server connections in my id_rsa file. How do I add their key so I can login with that?
If the RSA file they gave you is stored in, say, ~/client/foo_rsa.key, you could:
$ ssh -i ~/client/foo_rsa.key username#theirhost.example.com
Storing this sort of configuration in ~/.ssh/config is also a very good idea if you want a more permanent solution.
In ~/.ssh/config, add:
host clienthost
identityfile client/foo_rsa.key
hostname theirhost.example.com
user usernameonhost
You then connect simply with:
$ ssh clienthost
and the settings from the config file control your session.
The spacing above is unimportant and included only for readabilty. Read man ssh_config for details of other things you can put in this configuration file. There's A LOT of stuff you can do, including proxying your connection through other hosts, creating encrypted tunnels (for other protocols like HTTP or SOCKS) on arbitrary ports, etc.
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 10 years ago.
Improve this question
I am connecting to a web server running Debian. Our team uses Apache and all users are members of the www-data group. When we connect to this server via SFTP (e.g. Transmit), all of our newly uploaded files take on a group name that is the same as the user's name (i.e. their primary group).
Is there a way to change this default group assignment to www-data on SFTP? On the command line, one can type:
$ newgrp www-data
Which assigns the current user's primary group to www-data. All new files created by the user are assigned to this group. Is there an equivalent for SFTP?
Setting a directory setgid means that files created within it will acquire the directory's group ownership.
mkdir web
chgrp www-data web
chmod g+s web
You may require the additional step of setting the umask before the server process starts:
umask 0002;
/usr/lib/openssh/sftp-server
Or in sshd_config, "you can pass a flag and value in (-u 0002) like the following to set the umask value:"
Subsystem sftp /usr/lib/openssh/sftp-server -u 0002