通过ssh无密码进行root登录

huangapple go评论65阅读模式
英文:

Root login with ssh without password

问题

PermitRootLogin without-password,这个是允许以root用户登录,无需输入密码。

root ALL=(ALL:ALL) ALL,这个是授予root用户在任何主机以任何用户身份执行任何命令的权限。

some_user ALL=(ALL:ALL) NOPASSWD:ALL,这个是授予"some_user"用户在任何主机以任何用户身份执行任何命令的权限,而且无需密码验证。

%admin ALL=(ALL) ALL,这个是允许属于"admin"用户组的成员获得root权限。

%sudo ALL=(ALL:ALL) ALL,这个是允许属于"sudo"用户组的成员执行任何命令。

但你提到这些配置似乎没有生效,尽管你重启了服务和系统。如果这些配置没有生效,可能需要检查其他因素,如其他配置文件的影响或SSH服务器版本。

英文:

I have a linux server and a list with ssh keys of the authenticated users. Now after connecting to the ssh, the users must use sudo -i to login as root, in order to do their things. Only few people have access to the ssh so this password for the root is not needed in my case, they should be able to login as root without typing any password.

What I did is I added following Line to my sshd_config:

PermitRootLogin without-password

I also checked the sudoers file and this line is in it:

# User privilege specification
root    ALL=(ALL:ALL) ALL
some_user ALL=(ALL:ALL) NOPASSWD:ALL

# Members of the admin group may gain root privileges
%admin ALL=(ALL) ALL

# Allow members of group sudo to execute any command
%sudo   ALL=(ALL:ALL) ALL

some_user ist the user they login as when accessing the ssh.

This didn't do anything. So i restarted the service and restartet the whole system (sudo reboot) but nothing helped, it still asks for the password everytime the user excecutes sudo -i

答案1

得分: 1

如果我理解问题正确的话,您希望一些用户能够通过SSH连接到您的服务器,并在不输入密码的情况下成为root用户?

如果这是您想要的全部,那么根本不需要sudo。

相反,将他们的SSH公钥添加到root用户的authorized_keys文件中(通常位于/root/.ssh/authorized_keys)

然后,您的用户可以使用“ssh <b>root</b>@your_server.com”而不是“ssh <b>ilian</b>@your_server.com”无需密码登录为root。

(是的,您还需要提到的/etc/ssh/sshd_config项 - PermitRootLogin without-password)。

如果该目录不存在,请创建它,但确保权限和所有权正确。
它必须看起来像这样:

drwx------ 2 root root 4096 Mar 31 2022 /root/.ssh/

这可以通过执行以下操作(作为root用户)来实现:

mkdir -m 700 /root/.ssh

英文:

If I understand the question correctly, you want some users to be able to ssh into your server and become root without them typing a password?

If that's all you want, you don't need sudo at all.

Instead, add their ssh public key to the root user's authorized_keys file (typically /root/.ssh/authorized_keys)

Then your users can login as root without a password with "ssh <b>root</b>@your_server.com" instead of "ssh <b>ilian</b>@your_server.com"

(and yes, you also need the /etc/ssh/sshd_config item you mention - PermitRootLogin without-password).

If the directory does not exist, create it but make sure the permissions and ownership are correct..
It must look like this:

drwx------ 2 root root 4096 Mar 31  2022 /root/.ssh/

This can be achieved by performing (as root):

mkdir -m 700 /root/.ssh

huangapple
  • 本文由 发表于 2023年4月4日 14:14:09
  • 转载请务必保留本文链接:https://go.coder-hub.com/75926031.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定