Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


How to gain direct root access?
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

How to gain direct root access?

ftnftn Member

In my new dedicated server to gain root access, I have to issue the command 'su' in ssh. Can some one tell me how can I disable the function and can gain direct root access over ssh?

«13

Comments

  • is it from online or oneprovider? in most cases, once configured that a way, it'll not be possible.

  • Well you are an absolute fucking idiot if you do setup your server this way and most likely will get hacked.

    ..... butttttt if you really want to be an idiot.

    https://linuxconfig.org/enable-ssh-root-login-on-debian-linux-server

  • raindog308raindog308 Administrator, Veteran

    image

    You shouldn't login as root. If you really want to do this:

    1. Create ssh keys (ssh-keygen)

    2. Change PermitRootLogin to PermitRootLogin without-password so you can login, but only with ssh keys.

    There's also sudo, where you could login as a regular user and not have to retype the password. Your ssh client may also automate typing passwords. But really, it's 2016 - who still uses passwords? Use keys.

    Sorry, I won't tell you how to enable root login because you really shouldn't.

    Thanked by 1cassa
  • The problem is I can login to the server with putty.exe with my given root-username and password, to change anything I see permission denied error. However in the command line if I use "su -" and provide password again, I can change anything and gain full super user access.

    I understand its for security. However Im using WinSCP client. With this software I cant do anything after login, showing "permission denied" error. So now I cant use WinSCP client.

    Can some one please tell me what to do exactly so that I can gain super user access as soon I logged in with my username and password, dont want to use su -

  • @century1stop said:
    is it from online or oneprovider? in most cases, once configured that a way, it'll not be possible.

    Its from DataShack

  • Have you tried

     sudo -s 

    ?

  • @raindog308 said:
    You shouldn't login as root.

    I informed them to provide different username for root access, there is no ID named "root" on my server. Im using different username.

  • @black said:
    Have you tried

     sudo -s 

    ?

    My concern, I cant provide su command in WinSCP. Im using SFTP protocol.

  • did you try creating a user with su permissions and use winscp with it?

  • ftnftn Member
    edited February 2016

    @century1stop said:
    did you try creating a user with su permissions and use winscp with it?

    No I dont. How can I?

  • GM2015GM2015 Member
    edited February 2016

    if it's system/network files you edit all the time, then enable root login without pwd http://askubuntu.com/questions/115151/how-to-setup-passwordless-ssh-access-for-root-user

    I prefer to use the terminal for sudo/root system file edits.

    For normal files, use the file owner. You can also go around file permissions with sudo -u youruser insertcommandhere /path/to/file. This forces sudo to execute command as a user you specify.

    Example:

    sudo -u sudouser sudo apt-get update

    ftn said: My concern, I cant provide su command in WinSCP. Im using SFTP protocol.

  • @century1stop said:
    is it from online or oneprovider? in most cases, once configured that a way, it'll not be possible.

    What did I just read?

    Thanked by 1jar
  • raindog308raindog308 Administrator, Veteran

    ftn said: My concern, I cant provide su command in WinSCP. Im using SFTP protocol.

    SFTP supports keys.

  • you read right :D

    @Jonchun said:

  • @century1stop said:
    you read right :D

    Why would it be irreversible?

  • Jonchun said: Why would it be irreversible?

    Stupidity?

    Thanked by 1Jonchun
  • hi, install debian 6 or 7 and you'll be root by default. this system does not use sudo/su.

  • @raindog308 how can I create keys? Can you please provide me steps?

  • @Mark_R said:
    hi, install debian 6 or 7 and you'll be root by default. this system does not use sudo/su.

    Or.. log in as root, install sudo, add a user to the sudo group and then disable root login.

  • @dailymc said:
    Or.. log in as root, install sudo, add a user to the sudo group and then disable root login.

    its definitly a possiblity, but i never understood people who bitch about using root access, its like they actively try to complicate server management.

    anyone who knows what he's doing and hates the annoying permission errors is fine with root access.

    Thanked by 2hostnoob aglodek
  • raindog308raindog308 Administrator, Veteran

    ftn said: how can I create keys? Can you please provide me steps?

    https://help.github.com/articles/generating-an-ssh-key/

  • @Mark_R said:

    If handling permissions is a problem, you need to do some man page reading. Root login is a security risk because it is a username every brute force attack is going to try for. I agree people over complicate things when it comes to security, but I would at least do that as a minimum.

  • @Mun said:
    Well you are an absolute fucking idiot if you do setup your server this way and most likely will get hacked.

    @Mark_R said:
    hi, install debian 6 or 7 and you'll be root by default. this system does not use sudo/su.

    So, are Debian devs stupid or was @Mun wrong? Hmm, were should I put my money on... think, think.... ah!

    Thanked by 1vimalware
  • let me tell you, i've always been using root account on all my servers and never got my system breached.

    by default i setup all my servers like this and in many years never got any issue!!

    http://ctrlv.it/id/4189/4057849423

    (external link because i couldnt paste commands here without cloudflare blocking it.)

    Thanked by 1deadbeef
  • @dailymc said:
    If handling permissions is a problem, you need to do some man page reading. Root login is a security risk because it is a username every brute force attack is going to try for. I agree people over complicate things when it comes to security, but I would at least do that as a minimum.

    by just changing your default ssh port you reject 99% of the bruteforce bots.

    Thanked by 1hostnoob
  • jarjar Patron Provider, Top Host, Veteran
    edited February 2016

    Jonchun said: What did I just read?

    I had noped out of this before I read your reply lol. This ship appears to have already been sunk.

    Thanked by 2GM2015 netomx
  • Mark_R said: its definitly a possiblity, but i never understood people who bitch about using root access, its like they actively try to complicate server management.

    anyone who knows what he's doing and hates the annoying permission errors is fine with root access.

    This.

    I hate software/developers that tell me what to do. I think I've mentioned something before on LET about the idiotic dev behind Thunar file manager who thinks it's acceptable to have an annoying warning if you're logged in as root, which can't be disabled

    "You can't disable it, that will make the warning useless."

    "There will be no option to turn those warnings off, no discussion about that. If you're a desktop user you shouldn't be logged in as root... Second point: we're not forcing you to not be logged in as user, we just advising you it's not smart to do this (and you can't deny we're wrong)."

    "So in other words: warning will not me removed since it's useful for 99% of the users and since we encourage security there will be no option to disable it."

    https://forum.xfce.org/viewtopic.php?id=3255

    I hate that whole "Want to run your computer how you want? Well fuck you, we decide what you should and shouldn't do." mentality

  • Ole_JuulOle_Juul Member
    edited February 2016

    Getting a dedi and not knowing about users and permissions is a bit odd to me. A bit like getting a Ferrari before getting your drivers license. It's fine to not know stuff, we all have to learn. However, I suggest the OP get a cheap VPS to practice on.

    Thanked by 1raindog308
  • @hostnoob

    i totally understand what you are going through, once i wanted to have a nice night of movie streaming and installed VLC on my server for streaming purposes, it didnt allow root user to run it... i actually had to edit the software to remove root detection and make it work!! ridiculous.

    Thanked by 1netomx
  • GM2015GM2015 Member
    edited February 2016

    Indeed.

    VLC is not supposed to be run as root. Sorry.
    If you need to use real-time priorities and/or privileged TCP ports
    you can use vlc-wrapper (make sure it is Set-UID root and
    cannot be run by non-trusted users first).

    Mark_R said: i totally understand what you are going through, once i wanted to have a nice night of movie streaming and installed VLC on my server for streaming purposes, it didnt allow root user to run it... i actually had to edit the software to remove root detection and make it work!! ridiculous.

    sudo vlc

    hostnoob said: Even VLC? Wow

Sign In or Register to comment.