Jul 14 08:02:40 servera sshd: Accepted keyboard-interactive/pam for someuser from x.x.x. On the other hand su command allows one to switch to a. We currently have a report emailed to us letting us know this data to determine if someusers are trying to run commands they are not supposed to, but management wants more info, like hostname and/or IP address of the user at the time the command was run.Īnyone have any ideas how to add log details for sudo or su? The sudo command allows a user to execute command as the root user whose privileges are elevated. If a user is logged in multiple times or from multiple locations there is no way to differenciate the logins. In other words, the tool lets you assume the identity of some other user without having to logout and then login (as that user). It means that all env vars were cleaned and clean. The main work of the su command is to let you switch to some other user during a login session. In case of su - command, the first thing that runs is changing the user and only then the shell runs. I would like to beable to link a failed "sudo su -" to the ssh login, but there is no data other than username. In this article, we will discuss in detail the ‘su’ command as well as how it differs from the ‘sudo’ command. Jul 14 08:03:03 servera su: + 1 someuser-root These options are documented under man sudo. The sudo command is used when you want to run a command that requires the root privileges. The -u user option means to run the command as the specified user rather than root. The -s option means to run the shell specified in the environment variable SHELL if this has been set, or else the users login shell. Jul 14 08:03:03 servera sudo: someuser : TTY=pts/1 PWD=/home/someuser USER=root COMMAND=/usr/bin/su - sudo -su user is short for sudo -s -u user. Jul 14 08:02:48 servera su: - 1 someuser-root The 'sudo' command is an alternative to using a separate root user with its own password. A secure SSH server will not allow direct root login, so the user must gain root after initial login. Difference between su and sudo su duplicate Ask Question Asked 8 years, 1 month ago Modified 5 years, 10 months ago Viewed 59k times 11 This question already has answers here : What are the differences between 'su', 'sudo -s', 'sudo -i', 'sudo su' (6 answers) Closed 8 years ago. Jul 14 08:02:40 servera sshd: Accepted keyboard-interactive/pam for someuser from x.x.x.x port 1406 ssh2 The 'su' command is what a Linux user with proper permissions uses to ascend to the root administrator account.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |