ssh to root
Steve Bertrand
steve at ibctech.ca
Thu Jan 21 04:09:22 UTC 2010
Aryeh M. Friedman wrote:
> I need to set up a machine so that I can type "ssh [host]" as root from
> some other host and I get a prompt with super user privs... I already
> have set this up for user at host for root and ssh host for normal users...
> but root still asks for a password after I set the authorized_keys file
> in ~root/.ssh.. I have looked at ssh_config(5) but can't tell what
> option (if any) does this... if anyone is coruious the final goal here
> is to set up a sysutils/fusefs-ssh for this host (already installed and
> working for normal users but want to make it so it is done as root)
Don't do it.
*never* permit root-level access directly to *any* of your equipment.
You want to provide as many levels of escalation to root level as you
can, no matter what protocol you are using.
Auth in as a normal user (as you stated is already working), and then
use sudo(8) to escalate yourself.
If you can already "ssh [host]" as a normal user, then you already have
the concept of keys.
You can automate the escalation after you've authenticated, and then do
what you want to do.
Seriously...
...don't do it.
Steve
ps.
# pkg_add -r sudo
# rehash
# man sudo
Then, when/if you have problems with specific functions that need root
privileges, ask those questions here instead.
More information about the freebsd-questions
mailing list