Topic "Another root login post"

Author Message
djten
[View user's profile]

Joined: 2007-11-04
Posts: 1
I examined the other posts on this subject, and they got me pretty far. I was hoping all the way, but not quite.

I have a situation similar to others, where if I am logged in (via PuTTY) and I need root access, I use su and supply another password. I made the adjustments described in the oft-referred to FAQ, that is, I added the [my username] ALL=(ALL) NOPASSWD: ALL to the /etc/sudoers file, then in WinSCP, I switched to the SCP protocol, and adjusted the shell command to "/bin/bash -c 'sudo su -'".

I think I did all this correctly. I can execute that same command by hand in PuTTY, and it takes me right to the root user with no complaints.

When I finally try to log in with WinSCP, it gets almost all the way, then I get the message "Connection has been unexpectedly closed. Server sent command exit status 1." When I check the log, everything looks fine until near the end, where it has the following lines.

! 2007-11-03 23:48:17.453 sudo: sorry, you must have a tty to run sudo
. 2007-11-03 23:48:17.453 All channels closed. Disconnecting
. 2007-11-03 23:48:17.453 Selecting events 0 for socket 460
. 2007-11-03 23:48:17.453 Server closed network connection
* 2007-11-03 23:48:17.468 (ESshFatal) Connection has been unexpectedly closed. Server sent command exit status 1.
* 2007-11-03 23:48:17.468 Error skipping startup message. Your shell is probably incompatible with the application (BASH is recommended).

Not being a sys admin, I'm scratching my head over the "tty" issue. Anyone have any suggestions?
Advertisements
martin
[View user's profile]
Site Admin
Joined: 2002-12-10
Posts: 24555
Location: Prague, Czechia
djten wrote:
! 2007-11-03 23:48:17.453 sudo: sorry, you must have a tty to run sudo

If your implementation of sudo requires TTY, then there's no help Sad
_________________
Martin Prikryl
Guest




Ahhhh... you gave up too quickly. I did a little digging, and there IS help. I'm adding the solution here for others who may have the same scenario.

In that same file (/etc/sudoers) on the server I am working with, there is a line: Defaults requiretty
If I understand correctly, it's purpose is to make sure that anyone who is trying to su to the root user is an actual human at an actual keyboard, rather than a program or some other non-human entity. However, since I'm the only one with the password, no one else (human or non-human) should be able to get in, so I don't think commenting that line out creates a terrible security risk. Anyone with better sysadmin experience, feel free to correct me on this.

Anyway, commenting out that line, so TTY is not required when su'ing to the root user, is what solved the problem for me. Now I am able to get in with WinSCP and transfer any files, anywhere I need to on the server, as the root user.

One thing I noticed: whenever I upload a new file, it is owned by root:root. If anyone else's system is set up to require some other default owner for certain files (mine does), you may have to follow up the transfer of any new file with a chown to some other appropriate or expected default user.
martin
[View user's profile]
Site Admin
Joined: 2002-12-10
Posts: 24555
Location: Prague, Czechia
Thanks! I have expanded FAQ with this info.
_________________
Martin Prikryl
Advertisements

You can post new topics in this forum






Search Site

What is WinSCP?

It is award-winning SFTP client, SCP client, FTPS client and FTP client integrated into one software program for file transfer to FTP server or secure SFTP server. [More]

And it's free!

Donate

About donations

$9   $19   $49   $99

About donations

Recommend

WinSCP Privacy Policy

WinSCP License