Easiest way to do a remote sudo

Easiest way to do a remote sudo

Let’s see the easiest way to do a remote sudo:

Usually when a sudo command is executed in a remote server, an error is receive telling us that a remote sudo in not possible, even if the user have permissions for the command we want to use.

easiest way to do a remote sudo 01

This is because sudo, by default, requires a tty to be executed, making not possible to execute it.

CollectNode captures the sudo commands and processes them in a way that this requirement is no longer a problem.

easiest way to do a remote sudo 02

With the command configure we can now configure the password to use if the sudo execution requires a password in the remote servers.  If the sudo password is not configured, CollectNode will use the password of the user used to connect to the remote servers.

Now execute remote sudo is easiest than ever  🙂

Get CollectNode now !

Leave CollectNode to make the hard work, and spend your time where really matters.

Change user password remotely

Change user password remotely

It is easy to change the password for a local user, just type:

and follow the instructions.
But, when we have to change password remotely, things became more complicated. We can make login in each server and change the password manually as explain before,  or change the password remotely using ssh as connection mode, saving time and effort, that we can spend in other tasks. Let’s see how to do it.

root user

If we are root, the solution can be very simple, we will use the command passwd with the option --stdin

–stdin:

This option is used to indicate that passwd should read the  new  password
from standard input, which can be a pipe.

So the command to change the password of user1 to newPassword would be like this:

If the command passwd doesn’t have the option --stdin, because the version,  we can use the following method for non root users.

Non root user

If we are not root, we cannot use --stdin option from passwd, so we have to modify the command a little.

  • non root user, only can change their own password,
  • they have to type the current password
  • they have to type the new password twice
  • accomplish the password policies, that root can ignore.

So to accomplish this requirements, we can use the option -e from echo command, that allow us to use the new line code \n , so we can pass to command passwd the input expected without the --stdin option.

-e:

 enable interpretation of backslash escapes

So finally the command to change the password of user1 to newPassword would be like this:

Put into practice

Let’s see an example where we have to change the password for user1 to oth3r0n3 in five servers, we will use CollectNode to execute the command in all servers quickly and get the command results for each server.

first of all we add the servers name to the file hosts.txt

And now we will use the command for root user:

change password remotely

And that’s all!

 

Get CollectNode now !

Leave CollectNode to make the hard work, and spend your time where really matters.

Execute sudo commands remotely

Execute sudo commands remotely

By default execute remote commands on Unix/Linux systems is as easy as type this code:

But sometimes the result is not the expected:

What is happening here is that sudo by default requires a TTY in order to works, but this behaviour can be changed at /etc/sudoers (use the command visudo for that purpose), changing the line:

by

So now, if we try again, probably we will get the following output:

This is because the user requires a password in order to grant sudo permissions, but we don’t have TTY to type it. The way to fix it is to modified the sudo entry at /etc/sudoers or /etc/sudoers.d/ to allow the user to make sudo without password.

Let’s try now:

Done!


In summary

So, in summary, the steps to follow are:

  1. modified /etc/sudoers  line Defaults requiretty by:

  1. Allow the user to do sudo without password:

That is very useful when we need to get information or execute some command quickly in a server, However from version 1.0.8  CollectNode works with sudo in a very easy way, making not necessary to do all this configuration.

 

Get CollectNode now !

Leave CollectNode to make the hard work, and spend your time where really matters.

Enabling ssh root access on Ubuntu

Enabling ssh root access on Ubuntu

Ubuntu ssh root access is by default disabled, as anybody probably already know, and all administrative tasks have to be done using sudo. Despite the security reasons, sometimes we will need the root account enable and ready to be used, so let’s see how to do it:

1. Adding password to root account

2. Configuring ssh to allow remote root access

We modified sshd_config file:

Comment out the following line:

Add just below the following line, and save the file:

Finally reload ssh configuration:

3. Verify it is working

From now, connect to Ubuntu system with root is possible.

Get CollectNode now !

Leave CollectNode to make the hard work, and spend your time where really matters.

Pin It on Pinterest