Differences
This shows you the differences between the selected revisions of the page.
| faq_su 2018-12-19 | faq_su 2026-05-07 (current) | ||
| Line 14: | Line 14: | ||
| The [[scp|SFTP]] and [[scp|SCP]] protocols allow for this, but the actual method is platform dependent. | The [[scp|SFTP]] and [[scp|SCP]] protocols allow for this, but the actual method is platform dependent. | ||
| - | With SFTP protocol, you can use //[[ui_login_sftp#protocol_options|SFTP server]]// option on //SFTP page// of Advanced Site Settings dialog to execute SFTP binary under a different user. With OpenSSH server, you can specify: | + | * With SFTP protocol, you can use //[[ui_login_sftp#protocol_options|SFTP server]]// option on //SFTP page// of Advanced Site Settings dialog to execute SFTP binary under a different user. With OpenSSH server, you can specify: \\ <code> |
| + | sudo /bin/sftp-server | ||
| + | </code> Note that SFTP server binary may be located elsewhere((You can see path to SFTP binary in ''Subsystem sftp'' clause in ''/etc/ssh/sshd_config'', unless keyword ''internal-sftp'' is used instead of a path. You may also use ''whereis sftp-server'' command to locate the binary.)) (e.g. in ''/usr/lib/sftp-server'', ''/usr/lib/openssh/sftp-server'' or ''/usr/libexec/openssh/sftp-server''). | ||
| - | sudo /bin/sftp-server | + | * With SCP protocol, you can specify the following command as custom shell on the //[[ui_login_scp#shell|SCP/Shell page]]// of Advanced Site Settings dialog: \\ <code> |
| - | + | sudo -s | |
| - | Note that SFTP server binary may be located elsewhere((You can see path to SFTP binary in ''Subsystem sftp'' clause in ''/etc/ssh/sshd_config'', unless keyword ''internal-sftp'' is used instead of a path.)) (e.g. in ''/usr/lib/sftp-server'', ''/usr/lib/openssh/sftp-server'' or ''/usr/libexec/openssh/sftp-server''). | + | </code> |
| - | + | ||
| - | With SCP protocol, you can specify following command as custom shell on the //[[ui_login_scp#shell|SCP/Shell page]]// of Advanced Site Settings dialog: | + | |
| - | + | ||
| - | ··sudo -s | + | |
| However you will not be able to provide a password for ''su'' (see [[remote_command#limitations|remote command execution limitations]]). So you may be able to do the above only if you are allowed to do ''sudo su'' without being prompted with password. See ''[[&man_ref(8,sudo)|sudo]]'' documentation to learn how to do that. For example you can add following line to ''[[&man_ref(5,sudoers)|sudoers]]'' file (''/etc/sudoers''): | However you will not be able to provide a password for ''su'' (see [[remote_command#limitations|remote command execution limitations]]). So you may be able to do the above only if you are allowed to do ''sudo su'' without being prompted with password. See ''[[&man_ref(8,sudo)|sudo]]'' documentation to learn how to do that. For example you can add following line to ''[[&man_ref(5,sudoers)|sudoers]]'' file (''/etc/sudoers''): | ||
| Line 34: | Line 32: | ||
| yourusername ALL=NOPASSWD: /bin/sftp-server | yourusername ALL=NOPASSWD: /bin/sftp-server | ||
| - | Note that as WinSCP cannot implement terminal emulation, you need to have ''sudoers'' option ''requiretty'' turned off (which is default). | + | Note that as WinSCP cannot implement terminal emulation, you need to have ''sudoers'' option ''requiretty'' turned off (which is the default and even not supported by modern ''sudo-rs'' implementation). |