wood burning stoves 2.0*
The moose likes Linux / UNIX and the fly likes remote login as a super user. Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of JavaScript Promises Essentials this week in the JavaScript forum!
JavaRanch » Java Forums » Engineering » Linux / UNIX
Bookmark "remote login as a super user." Watch "remote login as a super user." New topic
Author

remote login as a super user.

zius oram
Greenhorn

Joined: Aug 10, 2008
Posts: 20
hello all,
my project requires to restrict the access of some files/devices for the client on his local machine. can i as a admin login as a super user on client's computer (ofcourse i know the root user/pasword) and change the access control list. or is there any other way to restrict him through my computer.
thak you.
Tim Holloway
Saloon Keeper

Joined: Jun 25, 2001
Posts: 16228
    
  21

You can use the Secure Shell (ssh) to login as a remote superuser, providing that the client computer has sshd active. In older times, people used telnet, but it was insecure, so remote login of the root user was prohibited by default. SSH traffic is encrypted, so it's not an issue.


Customer surveys are for companies who didn't pay proper attention to begin with.
zius oram
Greenhorn

Joined: Aug 10, 2008
Posts: 20
thank you for your reply,
if SSHD is not active how can i activate it, and if permitted a remote root, can i investigate clients ACL (ie chacl).
Pat Farrell
Rancher

Joined: Aug 11, 2007
Posts: 4659
    
    5

zius oram wrote:if SSHD is not active how can i activate it, and if permitted a remote root, can i investigate clients ACL (ie chacl).

I don't think you can. And I'd be worried if you could.

allowing remove login as root is a huge security hole. As is allowing a remote user to start sshd.

Normally, is the responsibility of the sysadmin to set this up according to his/her needs.
zius oram
Greenhorn

Joined: Aug 10, 2008
Posts: 20
not remote sshd, actually i am devloping an application to assist sysadmins, i will change the settings on client machine myself, i have all root user/password on admins machine and from there onwards i want to restrict the client access to certain devices. can it be done?
Jan Cumps
Bartender

Joined: Dec 20, 2006
Posts: 2510
    
  10

Are you realy shure you want to develop an application that can be used remotely, and that executes commands on the server as root?

OCUP UML fundamental and ITIL foundation
youtube channel
Tim Holloway
Saloon Keeper

Joined: Jun 25, 2001
Posts: 16228
    
  21

This actually sounds more like setting up a policy. It' might be more appropriate to bundle those rules into a package and install that package as part of system maintenance. Not only does it limit the exposure to sensitive services, it's less prone to human error.

There are few things more annoying than being a remote admin who just locked himself out of the very system being administered.
zius oram
Greenhorn

Joined: Aug 10, 2008
Posts: 20
Jan Cumps wrote:Are you realy shure you want to develop an application that can be used remotely, and that executes commands on the server as root?


it is sitting on server and executing commands as a super user on client.
Pat Farrell
Rancher

Joined: Aug 11, 2007
Posts: 4659
    
    5

I'm still not understanding it, but I sure don't like the security aspects of it. I don't want anyone running root on either my server or my desktops.
zius oram
Greenhorn

Joined: Aug 10, 2008
Posts: 20
thank you for your reply, let me explain the situation.
i am devloping this application for a internet lab, here users are not root, i from my server want to grant access or restrict the use of resources (usb-restricts download, cd rom-no download, drive-dont play with vital data, printer-ask me first), and if there is any other way to do it please tell me, i deadly need to devlope it in time.
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: remote login as a super user.