Linux su command, sudo command and restrict root telnet

Source: Internet
Author: User



3.7 su command :



su Command is used to switch users, for example I want to switch from root user to user2 User:








This - option is to completely switch user's meaning, if not add - option also can, but switch not completely, such as the current home directory or root, environment variables are also configuration of root and so on:








You can use the SU command to execute a command as a user, and the user does not log on:








A normal user will need to enter a password when using the SU command to switch to the root user or other ordinary user, and root Users do not need to enter a password to switch to a normal User:








One situation is that an ordinary user does not have a home directory, which is a bit different from other users when logged in to this user:








To get this user back to normal , you need to use the root user to create a home directory for the user in the home directory , and then copy the home directory configuration file in:



1. Create a home directory:








2. copy the Skel directory configuration file, this skel directory is the template directory inside the configuration file All users are generic, after the copy to change the owning group:








3. login OK:








sudo command :



sudo command You can let ordinary users temporarily specify a user to execute a command, which is generally used to temporarily grant the identity of the root user to the ordinary user.



To view the configuration file command:





The reason for opening a file with this command is that you can detect a syntax error while editing this profile.








Note: To give the user specific commands, to write the absolute path of the command file, and to be separated by commas and spaces









normal users who want to view The root directory are not authorized enough:








  But as we have just given in the configuration file user2 user can use command temporarily obtained with root ls MV cat sudo command to see the root directory:








when granting permissions in the configuration file, add a PASSWD: You do not need to enter a password when a normal user uses the sudo command:








Use of aliases for configuration files:







To configure permissions for a user group:








limit root telnet :



because the root user's password is important and cannot be easily known, we need to allow ordinary users to log in to the root user without knowing the password :



1. First Edit the configuration file using the visudo command:







2. successful configuration You can use the sudo command to log on root without a password :








r telnet :



1. Modify The sshd.config configuration file:











After you do this, you cannot log on to the root user either with a key or a password :







Only normal users can log on remotely:








because it has just been granted to ordinary users to use the sudo command to password-free login to the root user, so now ordinary users can not know the password in the case of log on to root :











to cancel the restriction, comment out the line that you just modified in the Sshd.config file, and then restart the service:




after you cancel the limit, you can log on to root normally .






This article is from the "12831981" blog, please be sure to keep this source http://12841981.blog.51cto.com/12831981/1972142



Linux su command, sudo command and restrict root telnet


Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.