openssh - run as another user
Iain Morgan
imorgan at nas.nasa.gov
Fri Aug 27 11:30:01 EST 2010
On Thu, Aug 26, 2010 at 18:36:53 -0500, Phillip Wu wrote:
> For security, many systems are configured so you cannot log directly as root via the initial authentication in openssh.
>
> What is usually done is that you log onto as your normal login and once you get a interactive shell you su to root to
> run the command that requires root.
>
> Does openssh have a more elegant way of exec'ing a command as root so I can run the command
> non-interactively? I know:
> Normal userid
> Normal userid password
> Root's password
>
If your site's policy allows setting "PermitRootLogin
forced-commands-only" (see sshd_config(5)), then you could use a
command-restricted public-key to execute a command as root. However, if
you need to execute arbitrary commands then your current approach is the
only real option. But I would suggest using sudo rather than su.
--
Iain Morgan
More information about the openssh-unix-dev
mailing list