[mdlug] Remote SSH commands
Jeff Hanson
jhansonxi at gmail.com
Wed Jan 12 00:16:08 EST 2011
On Tue, Jan 11, 2011 at 11:53 PM, Michael ORourke
<mrorourke at earthlink.net> wrote:
> Lug Nuts,
>
> Anyone out there using the "forced-commands-only" option under OpenSSH?
>
> From what I have read, it sounds like it's a pain to administer because it
> is based on key-pairs. I'm just curious if other admins are using that
> option and restricting remote root logins. It's extremely handy to run
> commands from a central server as root, but breaks if you set
> "PermitRootLogin no" in the sshd_config.
>
On Ubuntu I'm not using the "forced-commands-only" mode, just
"PermitRootLogin no" and "PasswordAuthentication no". I generated a
key pair from my workstation and put the public one in the
~/.ssh/authorized_keys of the default admin (first user created,
"administrator" in my install), then ssh in as administrator, issue a
"sudo su", and I've got root.
More information about the mdlug
mailing list