Re: scp non root
Am 11.04.2013 um 14:04 schrieb Bonno Bloksma:
Our Linux servers have no users configured except for the default
first use besides root. These servers provide a service and do not
require users to log on to the machine.
Of course root cannot login via ssh and that is no problem. A simple
su - is enough to make myself root after that and perform the
necessary tasks. But…
I sometimes need to copy some files from the server to my machine
and want to use scp but… as my default user I do not have access to
the files that I just have been able to access as root. So I need to:
- cp the file to the /home/username directory.
- make sure the filesystem rights are proper for the user to
access the them
Then I can scp as the user to the server and get the file. And of
course in reverse order if I want to place a file on the system.
As root@server:
# scp /some/path/file.txt user@devel.your.domain:~/.
or back
# scp user@devel.your.domain:~/file.txt /some/path/.
Is there a better way or is that the way it needs to be done?
Disallow root-login is inconvenient if you often need root permissions.
There are other ways to lower the risc without restricting access
completely.
1) You can allow root/ssh login, but restrict it to known IPs. Works
also for host-names, also via dynDNS in the case of dynamic IPs.
2) Use key autorisation. This is convenient for batch or cron jobs,
e.g. backup via rsync.
3) If you often need access from home, on travel, from other client
computers, then allow password login for a normal user (you) and su to
root.
Helmut Wollmersdorfer
Reply to: