Differences
This shows you the differences between the selected revisions of the page.
| 2007-11-13 | 2007-12-05 | ||
| requiretty needs to be off (martin) | direct login (martin) | ||
| Line 1: | Line 1: | ||
| ====== How do I change user after login (e.g. su root)? ====== | ====== How do I change user after login (e.g. su root)? ====== | ||
| + | You cannot change a user in the middle of file transfer session with neither of protocols WinSCP supports ([[protocols#sftp|SFTP]], [[protocols#ftp|FTP]] and [[protocols#scp|SCP]]). So you need to start with the correct user straight away. | ||
| + | |||
| + | ===== Direct Login ===== | ||
| + | Easiest way is to allow direct login with the user account you need, if it is not allowed already. For accounts such as ''root'', the direct login is typically disabled by default for security reasons. So when enabling it, have security in mind. Particularly with SSH, you may want to keep password authentication (the most vulnerable one) disabled and use e.g. [[public_key|public key authentication]] instead. With OpenSSH server, you can do that by setting ''[[http://www.openbsd.org/cgi-bin/man.cgi?query=sshd_config|sshd_config]]'' keyword ''PermitRootLogin'' to ''without-password'' ((Even more restrictive option ''forced-commands-only'' may work with SFTP protocol, but it has not been tested.)). | ||
| + | |||
| + | ===== Use sudo on Login ===== | ||
| + | In some cases you may be able to use ''[[http://www.gratisoft.us/sudo/man/sudo.html|sudo]]'' command straight after login to change a user, before file transfer session starts. | ||
| + | |||
| [[protocols#sftp|SFTP]] and [[protocols#ftp|FTP]] protocols do not allow this. | [[protocols#sftp|SFTP]] and [[protocols#ftp|FTP]] protocols do not allow this. | ||
| Line 6: | Line 14: | ||
| /bin/bash -c 'sudo su -' | /bin/bash -c 'sudo su -' | ||
| - | You can do this only if you are allowed to do ''sudo su'' without being prompted with password. See ''sudo'' documentation to learn how to do that. For example you can add following line to ''sudoers'' file (''/etc/sudoers''): | + | You can do this only if you are allowed to do ''sudo su'' without being prompted with password. See ''[[http://www.gratisoft.us/sudo/man/sudo.html|sudo]]'' documentation to learn how to do that. For example you can add following line to ''[[http://www.gratisoft.us/sudo/man/sudoers.html|sudoers]]'' file (''/etc/sudoers''): |
| yourusername ALL=(ALL) NOPASSWD: ALL | yourusername ALL=(ALL) NOPASSWD: ALL | ||
| - | Note that as WinSCP does not allocate TTY, you need to have ''sudo'' option ''requiretty'' turned off (what is default). | + | Note that as WinSCP does not allocate TTY, you need to have ''sudoers'' option ''requiretty'' turned off (what is default). |