su to root as suggested in FAQ does not work

Advertisement

vzagvozdin
Joined:
Posts:
2

su to root as suggested in FAQ does not work

I was trying to setup a WinSCP session to su to root account after logging to a server.
I read FAQ, followed instructions, but it did not work for me.

First, on the server I validated that I can "sudo su" without being prompted for a password.
Then in WinSCP-Environment-SCP-Shell I selected option "Enter", and typed "/usr/bin/sudo su".
WinSCP connects, then dispays message "Starting session", and then aborts.

Did I configure smth wrong?

The box is Linux Red Hat 7.2.
WinSCP is version 3.7.1

Reply with quote

Advertisement

martin
Site Admin
martin avatar
Joined:
Posts:
41,454
Location:
Prague, Czechia

Re: su to root as suggested in FAQ does not work

Can you post a log file?

Also can you try this using PuTTY? Specify your command "/usr/bin/sudo su" in "Remote command" box on Connection/SSH tab.

Reply with quote

Salix
Guest

I have the same problem

Hi,

I would like to join this thread, because i've got the same problem. I tested the sudo su login with putty -> it works fine!
But wscp won't do it ...

Can you help me?

THANKS
Salix

Log:
. 2006-01-04 18:41:47.046 --------------------------------------------------------------------------
. 2006-01-04 18:41:47.046 WinSCP Version 3.7.6 (Build 306) (OS 5.2.3790 Service Pack 1)
. 2006-01-04 18:41:47.046 Login time: Mittwoch, 4. Januar 2006 18:41:47
. 2006-01-04 18:41:47.046 --------------------------------------------------------------------------
. 2006-01-04 18:41:47.046 Session name: steffen@domain.tld
. 2006-01-04 18:41:47.046 Host name: domain.tld (Port: 22)
. 2006-01-04 18:41:47.046 User name: steffen (Password: No, Key file: No)
. 2006-01-04 18:41:47.046 Transfer Protocol: SCP
. 2006-01-04 18:41:47.046 SSH protocol version: 2; Compression: No
. 2006-01-04 18:41:47.046 Agent forwarding: No; TIS/CryptoCard: No; KI: Yes; GSSAPI: No
. 2006-01-04 18:41:47.046 Ciphers: aes,blowfish,3des,WARN,des; Ssh2DES: No
. 2006-01-04 18:41:47.046 Ping type: -, Ping interval: 30 sec; Timeout: 15 sec
. 2006-01-04 18:41:47.046 SSH Bugs: -,-,-,-,-,-,-,-
. 2006-01-04 18:41:47.046 SFTP Bugs: -,-,-
. 2006-01-04 18:41:47.046 Proxy: none
. 2006-01-04 18:41:47.046 Return code variable: Autodetect; Lookup user groups: Yes
. 2006-01-04 18:41:47.046 Shell: /usr/bin/sudo su -, EOL: 0
. 2006-01-04 18:41:47.046 Local directory: default, Remote directory: home, Update: No, Cache: Yes
. 2006-01-04 18:41:47.046 Cache directory changes: Yes, Permanent: Yes
. 2006-01-04 18:41:47.046 Clear aliases: Yes, Unset nat.vars: Yes, Resolve symlinks: Yes
. 2006-01-04 18:41:47.046 Alias LS: No, Ign LS warn: Yes, Scp1 Comp: No
. 2006-01-04 18:41:47.046 --------------------------------------------------------------------------
. 2006-01-04 18:41:47.062 Looking up host "domain.tld"
. 2006-01-04 18:41:47.250 Connecting to 81.XXX.XXX.XXX port 22
. 2006-01-04 18:41:47.359 Waiting for the server to continue with the initialisation
. 2006-01-04 18:41:47.359 Looking for incoming data
. 2006-01-04 18:41:47.421 Select result is 1
. 2006-01-04 18:41:47.421 Server version: SSH-2.0-OpenSSH_3.7.1p2
. 2006-01-04 18:41:47.421 We claim version: SSH-2.0-WinSCP_release_3.7.6
. 2006-01-04 18:41:47.421 Using SSH protocol version 2
. 2006-01-04 18:41:47.421 Waiting for the server to continue with the initialisation
. 2006-01-04 18:41:47.421 Looking for incoming data
. 2006-01-04 18:41:47.468 Select result is 1
. 2006-01-04 18:41:47.468 Doing Diffie-Hellman group exchange
. 2006-01-04 18:41:47.468 Waiting for the server to continue with the initialisation
. 2006-01-04 18:41:47.468 Looking for incoming data
. 2006-01-04 18:41:47.687 Select result is 1
. 2006-01-04 18:41:47.687 Doing Diffie-Hellman key exchange
. 2006-01-04 18:41:48.046 Waiting for the server to continue with the initialisation
. 2006-01-04 18:41:48.046 Looking for incoming data
. 2006-01-04 18:41:48.218 Select result is 1
. 2006-01-04 18:41:48.609 Host key fingerprint is:
. 2006-01-04 18:41:48.609 ssh-rsa 1024 b7:0a:5c:8c:4d:ec:72:3f:bb:7c:xx:xx:xx:xx:xx:xx
. 2006-01-04 18:41:48.640 Initialised AES-256 client->server encryption
. 2006-01-04 18:41:48.640 Initialised HMAC-SHA1 client->server MAC algorithm
. 2006-01-04 18:41:48.640 Initialised AES-256 server->client encryption
. 2006-01-04 18:41:48.640 Initialised HMAC-SHA1 server->client MAC algorithm
. 2006-01-04 18:41:48.640 Waiting for the server to continue with the initialisation
. 2006-01-04 18:41:48.640 Looking for incoming data
. 2006-01-04 18:41:48.796 Select result is 1
! 2006-01-04 18:41:48.796 Using username "steffen".
. 2006-01-04 18:41:48.796 Waiting for the server to continue with the initialisation
. 2006-01-04 18:41:48.796 Looking for incoming data
. 2006-01-04 18:41:49.000 Select result is 1
. 2006-01-04 18:41:49.000 Waiting for the server to continue with the initialisation
. 2006-01-04 18:41:49.000 Looking for incoming data
. 2006-01-04 18:41:49.062 Select result is 1
! 2006-01-04 18:41:49.062 Using keyboard-interactive authentication.
. 2006-01-04 18:41:49.062 Password:  prompt from server
. 2006-01-04 18:41:49.062 Asking user for response.
. 2006-01-04 18:41:53.578 Waiting for the server to continue with the initialisation
. 2006-01-04 18:41:53.593 Looking for incoming data
. 2006-01-04 18:41:53.703 Select result is 1
. 2006-01-04 18:41:53.703 Waiting for the server to continue with the initialisation
. 2006-01-04 18:41:53.703 Looking for incoming data
. 2006-01-04 18:41:53.796 Select result is 1
. 2006-01-04 18:41:53.796 Access granted
. 2006-01-04 18:41:53.796 Waiting for the server to continue with the initialisation
. 2006-01-04 18:41:53.796 Looking for incoming data
. 2006-01-04 18:41:53.906 Select result is 1
. 2006-01-04 18:41:53.906 Opened channel for session
. 2006-01-04 18:41:53.921 Waiting for the server to continue with the initialisation
. 2006-01-04 18:41:53.921 Looking for incoming data
. 2006-01-04 18:41:54.015 Select result is 1
. 2006-01-04 18:41:54.015 Started a shell/command
. 2006-01-04 18:41:54.015 --------------------------------------------------------------------------
. 2006-01-04 18:41:54.015 Using SCP protocol.
. 2006-01-04 18:41:54.015 Doing startup conversation with host.
. 2006-01-04 18:41:54.015 Skipping host startup message (if any).
. 2006-01-04 18:41:54.015 Sent 36 bytes
. 2006-01-04 18:41:54.015 There are 0 bytes remaining in the send buffer
. 2006-01-04 18:41:54.015 Sent 1 bytes
. 2006-01-04 18:41:54.015 There are 0 bytes remaining in the send buffer
> 2006-01-04 18:41:54.015 echo "WinSCP: this is end-of-file:0"
. 2006-01-04 18:41:54.015 Waiting for another 1 bytes
. 2006-01-04 18:41:54.015 Looking for incoming data
. 2006-01-04 18:41:54.109 Select result is 1
. 2006-01-04 18:41:54.109 Waiting for another 1 bytes
. 2006-01-04 18:41:54.109 Looking for incoming data
. 2006-01-04 18:41:57.109 Select result is 1
. 2006-01-04 18:41:57.109 Server sent command exit status 1
! 2006-01-04 18:41:57.109 Password: su: incorrect password
. 2006-01-04 18:41:57.109 Waiting for another 1 bytes
. 2006-01-04 18:41:57.109 Looking for incoming data
. 2006-01-04 18:41:57.359 Select result is 1
. 2006-01-04 18:41:57.359 All channels closed. Disconnecting
. 2006-01-04 18:41:57.359 Server closed network connection
. 2006-01-04 18:41:57.359 Waiting for another 1 bytes
. 2006-01-04 18:41:57.359 Looking for incoming data
* 2006-01-04 18:41:57.375 (ESshFatal) Fehler beim Überspringen der Startnachricht. Ihre Kommandozeile (Shell) ist möglicherweise nicht mit dieser Anwendung kompatibel (BASH wird empfohlen).
* 2006-01-04 18:41:57.375 Die Verbindung wurde unerwartet geschlossen. Der Server sendete den Befehlsbeendigungsstatus 1.

Reply with quote

Advertisement

martin
Site Admin
martin avatar

Salix wrote:

I'm sure! With putty it's working!
Sorry, I have no clue then. In the log I can see "Password: su: incorrect password"

Reply with quote

pluggo
Guest

Idea

My guess would be that you're doing 'sudo su' in putty, and just plain 'su' in winscp. To allow su'ing without a password (on a PAM-based system), edit /etc/pam.d/su and add this line:

auth sufficient /lib/security/pam_wheel.so use_uid trust

Then, as long as you're in the group 'wheel', you should be all good.

-b

Reply with quote

Advertisement

You can post new topics in this forum