• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

remote login as a super user.

 
Greenhorn
Posts: 20
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
hello all,
my project requires to restrict the access of some files/devices for the client on his local machine. can i as a admin login as a super user on client's computer (ofcourse i know the root user/pasword) and change the access control list. or is there any other way to restrict him through my computer.
thak you.
 
Saloon Keeper
Posts: 27762
196
Android Eclipse IDE Tomcat Server Redhat Java Linux
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
You can use the Secure Shell (ssh) to login as a remote superuser, providing that the client computer has sshd active. In older times, people used telnet, but it was insecure, so remote login of the root user was prohibited by default. SSH traffic is encrypted, so it's not an issue.
 
zius oram
Greenhorn
Posts: 20
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
thank you for your reply,
if SSHD is not active how can i activate it, and if permitted a remote root, can i investigate clients ACL (ie chacl).
 
Rancher
Posts: 4803
7
Mac OS X VI Editor Linux
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

zius oram wrote:if SSHD is not active how can i activate it, and if permitted a remote root, can i investigate clients ACL (ie chacl).


I don't think you can. And I'd be worried if you could.

allowing remove login as root is a huge security hole. As is allowing a remote user to start sshd.

Normally, is the responsibility of the sysadmin to set this up according to his/her needs.
 
zius oram
Greenhorn
Posts: 20
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
not remote sshd, actually i am devloping an application to assist sysadmins, i will change the settings on client machine myself, i have all root user/password on admins machine and from there onwards i want to restrict the client access to certain devices. can it be done?
 
Bartender
Posts: 2661
19
Netbeans IDE C++ Linux
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Are you realy shure you want to develop an application that can be used remotely, and that executes commands on the server as root?
 
Tim Holloway
Saloon Keeper
Posts: 27762
196
Android Eclipse IDE Tomcat Server Redhat Java Linux
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
This actually sounds more like setting up a policy. It' might be more appropriate to bundle those rules into a package and install that package as part of system maintenance. Not only does it limit the exposure to sensitive services, it's less prone to human error.

There are few things more annoying than being a remote admin who just locked himself out of the very system being administered.
 
zius oram
Greenhorn
Posts: 20
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Jan Cumps wrote:Are you realy shure you want to develop an application that can be used remotely, and that executes commands on the server as root?



it is sitting on server and executing commands as a super user on client.
 
Pat Farrell
Rancher
Posts: 4803
7
Mac OS X VI Editor Linux
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I'm still not understanding it, but I sure don't like the security aspects of it. I don't want anyone running root on either my server or my desktops.
 
zius oram
Greenhorn
Posts: 20
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
thank you for your reply, let me explain the situation.
i am devloping this application for a internet lab, here users are not root, i from my server want to grant access or restrict the use of resources (usb-restricts download, cd rom-no download, drive-dont play with vital data, printer-ask me first), and if there is any other way to do it please tell me, i deadly need to devlope it in time.
 
What do you have to say for yourself? Hmmm? Anything? And you call yourself a tiny ad.
a bit of art, as a gift, the permaculture playing cards
https://gardener-gift.com
reply
    Bookmark Topic Watch Topic
  • New Topic