Page 1 of 3 123 LastLast
Results 1 to 10 of 25

Thread: Remote root priviliges - how????

  1. #1

    Default Remote root priviliges - how????

    Hoping someone can help with this. My scenario is that I have an Imac, Suse 11.4 box, and a Win7 AD box. There will be VM's running on both Suse and Windows. My hope is to control the Linux and Windows boxes along with the VM's from the iMac using the Mac MS RDP utility as I find that the Mission Control system along with the Mac trackpad is far superior to anything on offer from either Suse or Windows.

    I now have the xrdp server setup and running on my Suse box. I can connect to it just fine from the Mac. I thought all was going to be sweet in my world - until kdewallet popped up when I tried to access my kontact mail account - it refused to accept the password. OK that's no biggy as I simply cancelled it and then entered the mail account password separately in kMail which then downloaded the mail. A little later I needed to su in a terminal - I got an error 'incorrect password'. Similarly it seemed that anything that requires root privileges was not accepted including opening Yast, doing anything with samba etc etc. After a little searching I discover on a Novell webpage that root login on external display is disabled by Suse by default. So I've edited /etc/sysconfig/display manager and changed DISPLAYMANAGER_ROOT_LOGIN_REMOTE="no" to "yes" and changed DISPLAYMANAGER_SHUTDOWN="auto" to "all". Also checked that file permissions are not set to paranoid under the system hardening section of Yast. However after restarting I still find that I am completely unable to get any remote root access - just "incorrect password" messages . This is a real show-stopper for me as root access is something that I need on a regular basis. Surely there must be a way to get this to work??
    Any ideas much appreciated
    Thanks
    Chris

  2. #2

    Default Re: Remote root priviliges - how????

    Sorry for having to reply to my own thread but seems there is a 10 minute limit on editing the original post - crazy!

    I have just discovered that I can connect a new session from the Mac to SuSE as root user and the root password is accepted without problem. Clearly my edits have done some good. However I have no wish to be logged in as root user permanently, and seeing the root desktop, I simply need to have root privileges available to me as and when needed in my user account. It seems it is not possible to 'switch' between users in a remote session so the only way I can get remote root privileges is to close the user session and start a new root session, do what I have to do and then close and open my user session again - a right royal PITA.

  3. #3
    Join Date
    Jun 2008
    Location
    The English Lake District. UK - GMT/BST
    Posts
    36,733
    Blog Entries
    20

    Default Re: Remote root priviliges - how????

    Wouldn't it be better to be normal user and use

    su -
    Leap 15.1_KDE
    My Articles Was I any help? If yes: Click the star below

  4. #4
    Join Date
    Jun 2008
    Location
    Netherlands
    Posts
    25,241

    Default Re: Remote root priviliges - how????

    You should NEVER login directly as root. And especialy not from a remote site.

    Log in as a normal user (you may even consider creating one for this purpose) and then become root in the normal way. And the normal way on a CLI/terminal sesion (like an SSH one) is indeed:
    Code:
    su -
    Henk van Velden

  5. #5

    Default Re: Remote root priviliges - how????

    Having been searching for answers to this problem I was quite expecting the 'shock horror he's trying to connect to his machine as root' response.
    Perhaps I didn't make myself clear enough - the three machines I have all sit on my desk, and are actually connected to my LAN through another PC running BOSD and acting as a firewall.
    My objective here is to do away with using a KVM on one screen, or Synergy across 3 screens, by using the Mac Mission control app along with its virtual desktops to control other machines using just the Mac along with an auxiliary monitor to give me extra screen space. I have seen this setup on a colleagues Mac and it is a lovely elegant solution for this purpose.
    I'm not worried in the slightest about any perceived security issues of 'logging in' as root - and in fact as I clearly state in my original post that is not what I want! I do not want to 'log in' as root - I just want to have root privileges available to me when I am logged in to my normal account remotely in the same way that I do locally.
    I suspect that the knee jerk reaction to my heading daring to include the words remote and root in the same sentence has meant that the fact that I also stated "A little later I needed to su in a terminal - I got an error 'incorrect password'." has been overlooked by the responders
    su (and sudo) both refuse to accept the root password in a remote session. I note that you say I should use su - (with a hyphen after it) I have tried adding the hyphen in case that is something extra that is needed in a remote session but I still get the response su: incorrect password.

    Chris

  6. #6
    Vahis NNTP User

    Default Re: Remote root priviliges - how????

    shadychris wrote:
    >
    > I got
    > an error 'incorrect password'." has been overlooked by the responders
    > su (and sudo) both refuse to accept the root password in a remote
    > session.


    I am guessing that there's something wrong with your keyboard map or
    character encoding (rather latter) when you type remotely.

    See what you get when you just type the password (no commands, just to
    see what you get) in the remote terminal.

    Also try another terminal, there are many, xterm, konsole etc.
    See also what you get in a text console (Alt Ctrl F1) when you connect.

    Sometimes the character encoding (UTF, ISO-8859) gets akward when going
    remote in some terminals. This may depend on your locale settings.

    I note that you say I should use su - (with a hyphen after it)
    > I have tried adding the hyphen in case that is something extra that is
    > needed in a remote session


    That's to get the root path. Nothing to do with local/remote.

    Vahis
    --
    http://waxborg.servepics.com
    openSUSE 11.4 (x86_64) 2.6.37.6-0.11-default main host
    openSUSE 12.1 (x86_64) 3.2.8-11-desktop Tumbleweed in VirtualBox
    openSUSE 12.1 (i586) 3.1.9-1.4-desktop in EeePC 900

  7. #7
    Join Date
    Jun 2008
    Location
    The English Lake District. UK - GMT/BST
    Posts
    36,733
    Blog Entries
    20

    Default Re: Remote root priviliges - how????

    I'm unfamiliar with MAC in practice.

    But I apologize for my poor interpretation of your requirements.

    Personally I too use remote access, also only on my LAN. But all my machines are openSUSE and I use ssh only. Which does permit me to go su -, once I have the correct settings in the config files.

    But I assume (with it's poached core system) MAC should work well in the scenario you outlined.

    Sorry I can't be more helpful.
    Leap 15.1_KDE
    My Articles Was I any help? If yes: Click the star below

  8. #8
    Join Date
    Jun 2008
    Location
    Netherlands
    Posts
    25,241

    Default Re: Remote root priviliges - how????

    Yopu may have described your problem so vague that none of us realy understand what you are doing. That may still be the case. But I will add few remarks that may help you to understand your own situation.

    . The - in su - has nothing to do with remote or not. You should allways use it or the bit longer su -l. Read tthe man page of su when you want to know what it does and use your brains to find out why you should use it.

    . When you are loged in in a system in whatever way (remote or not, CLI or GUI) and then want to change your uername to root (and thus your userid to 0) you have to provide the root password (that is not new to you). When you then get the message that the password is wrong, then IMHO that is wat it says. The login mechanism does not check if the original session is a remote one.

    And I for myself do not have any poroblem loggin in using SSH to another system and then using su -:
    Code:
    henk@boven:~> su - mgi ; exit
    Wachtwoord: 
    mgi@boven:~> ssh beneden ; exit
    Password: 
    Last login: Tue Feb 28 10:10:06 2012 from boven.henm.xs4all.nl
    Have a lot of fun...
    mgi@beneden:~> su - ; exit
    Password: 
    beneden:~ #
    I first change from my day to day user to a manager one (mgi) which I specialy created for management work and which is also available on the other system.
    Then I ssh to the other system.
    Then, being loged in, I change to root.

    When I misinterprete your situation completly wrong, then please come with more information, understandable by idiots like me and preferable in an examlple like mine above, where you realy show what happens instead of a story told.
    Henk van Velden

  9. #9

    Default Re: Remote root priviliges - how????

    Thanks Vahis and CAF. I'm pretty sure its not a problem with my keyboard map - although it is a Mac keyboard I already had it configured in SuSe when I was running Synergy. Also I am now allowed to login remotely as root and although it is a different password to my user account it is still only alpha/numeric - no symbols. I'm using Konsol and typed the password there as suggested and it is correct. I have now found a way to get sudo working. There is an option in the sudoers file (commented out by default) that allows all users in the wheel group to run any command without a password. Having uncommented that and added myself to wheel I can now run sudo commands. However it is far from ideal - for example sudo /sbin/YaST doesnt open the graphical interface - but rather the hideous cli text version. Other gui based things that need root privileges also are unavailable such as updating from the software updater applet and kdewallet. Seems that somehow there is a problem with the way that the root password is passed to the xserver when logged in as user. maybe something to do with PAM. Have to dig further I guess... :-(

    Chris

  10. #10

    Default Re: Remote root priviliges - how????

    Well - I now have the answer! Vahis wasnt too far off the mark. Crazy as it sounds the number 'three' key is either not being sent across RDP to the SuSe box, or it is being sent but not being undertsood It works fine on the mac client and also fine on the Windows client - just not on the SuSE server. I just swapped for a normal PC keyboard and get exactly the same behaviour. Every single key on the board gets sent to SuSe except the 'three' !!!! Guess the next step is to remote into the Suse Box from my Windows machine and see if I get the same problem........

Page 1 of 3 123 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •