Koozali.org: home of the SME Server
Legacy Forums => General Discussion (Legacy) => Topic started by: MarcoP on December 09, 2004, 09:42:17 PM
-
Is it possible to SSH into SME (6.0b3) as a normal user and disable root access, so you can use su or sudo only as needed? Server Manager doesn't seem to allow this. It's only admin or nothing, so maybe there's a command line/template that I can edit?
Thanks for any hints.
Peace
-
I'm not sure you should disable login for root, but it is possible to open this for other users. Just log in as root, and use chsh to change the shell of the user to /bin/bash (chsh -s /bin/bash user). The current shell is /bin/false.
If you were to change the root-shell to /bin/false, then root wouldn't be able log in, but I'm not sure if there are any big disadvantages of doing this.
- What would happen if the system crashes and you boot in single user mode ?
-
There is a contrib that will allow user shell access. As with all 3rd party contribs, use it at your own risk.
-
Thank you Curly and Hsing Foo, I will check the usershellaccess contrib. But if I'm SSHing in as a user, is it not better than using root? I mean,
Known Limitations and Caveats: This access is not allowed in the default SME Server installation for security reasons. Shell access, for any user account, is a powerful tool. If you allow sudo as well, you are basically giving complete control of your server to another user.
(No one else has accounts on my server, it would only be me logging in with lower privileges for basic administration tasks for which I rarely need root).
-
just login as user and sudo stuff.