2

So I have a script that needs to be executed remotely as root. This isn't a problem with most Linux distros since they have a root account. But since Ubuntu does not, executing anything as root requires a 2-step process of entering the account password twice - once to log in and once for sudo. The SSH process to launch the script is automated, so it cannot pause for user input for the second password request.

Does anyone know, short of hacking Ubuntu to re-enable root (not an option), if unattended SSH script execution with superuser privilege on the target machine is possible? Also, having no experience with Debian, does Debian behave this way too?

Irinotecan
  • 145
  • 1
  • 6

3 Answers3

1

This isn't a problem with most Linux distros since they have a root account. But since Ubuntu does not

Is this a serious sentence? I am yet to see a single *nix system without root account.

sudo su

and you are root. After that use passwd to set root password. And BAM! you are able to login as root (but only if you enable RootLogin in ssh)!

UPDATE: Or use ssh keys as others suggested.

solefald
  • 2,303
  • 15
  • 14
1

You can ssh in using key-based only authentication, and then edit the sudoers file not to require a password. This will eliminate the password at the two steps you described.

To see up ssh key based ssh access:

ssh-keygen
ssh-copy-id dest-server

And the for the sudoers file:

sudo visudo -f /etc/sudoers
#uncomment the following and then add yourself to the sudo group
# %sudo ALL=NOPASSWD: ALL

Better would be to require no password for sudo only for the commands you need to automate this particular function. See my answer here for that.

References:
Setting up a user without a password

How do you setup ssh to authenticate using keys instead of a username / password?

Kyle Brandt
  • 82,107
  • 71
  • 302
  • 444
0

By default connecting as the root account is possible. You just need to setup your ssh keys for the root account. Add your public key to /root/.ssh/authorized_keys

Tou could also create a service account to login that has sudo setup with NOPASSWD.

serviceaccount ALL = NOPASSWD: ALL

On Debian by default the root account will have a password assigned during the install. Though if you use the expert mode installer you can choose an option that will disable the root account and setup sudo exactly like Ubuntu. I strongly prefer the disabled root account because we have many admins, and I want people to login as themselves and then use sudo to perform admin tasks so a log of root activities is created.

Zoredache
  • 128,755
  • 40
  • 271
  • 413