What makes the differences between `sudo CMD` and `sudo su` followed by `CMD`?

3

I have an SSH server with key only auth and I want to add a key for a new user.

I log in with one user(kidmose), I try to append the key to a new user's(remote) authorized_keys and it fails:

kidmose@hech-remote-control:~$ sudo cat .ssh/id_rsa.pub > /home/remote/.ssh/authorized_keys
-bash: /home/remote/.ssh/authorized_keys: Permission denied

I sudo su first and things work:

kidmose@hech-remote-control:~$ sudo su
[sudo] password for kidmose: 
root@hech-remote-control:/home/kidmose# cat .ssh/id_rsa.pub > /home/remote/.ssh/authorized_keys

Bonus info: 

kidmose@hech-remote-control:~$ ll /home/remote/.ssh/authorized_keys
-rw-r--r-- 1 remote remote 409 Oct 16 07:14 /home/remote/.ssh/authorized_keys
kidmose@hech-remote-control:~$ uname -a
Linux hech-remote-control.egki 3.13.0-36-generic #63-Ubuntu SMP Wed Sep 3 21:30:07 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux

So what is the (relevant) difference between the two approaches?

kidmose

Posted 2014-10-16T07:26:15.593

Reputation: 312

Answers

1

In the first case

 kidmose@hech-remote-control:~$ sudo cat .ssh/id_rsa.pub > /home/remote/.ssh/authorized_keys
  • your bash (try to) open redirection to the file /home/remote/.ssh/authorized_keys
  • then execute sudo cat .ssh/id_rsa.pub

As you don't have access, the command failed.

Archemar

Posted 2014-10-16T07:26:15.593

Reputation: 1 547

1

In the first case the only command run with super user privileges is cat. The redirection to /home/remote/.ssh/authorized_keys is executed as normal user.

In the second case you switch to the root account and all commands are executed with the privileges of the super user.

Bruno9779

Posted 2014-10-16T07:26:15.593

Reputation: 1 225

Asked: 2014-10-16T07:26:15.593

Viewed: 249 times

Active: 2014-10-16T08:50:59.453