I've setup the .ssh/authorized_keys and am able to login with the new "user" using the pub/private key … I have also added "user" to the sudoers list … the problem I have now is when I try to execute a sudo command, something simple like:
$ sudo cd /root
it will prompt me for my password, which I enter, but it doesn't work (I am using the private key password I set)
Also, I've disabled the user's password using
$ passwd -l user
What am I missing?
Somewhere my initial remarks are being misunderstood …
I am trying to harden my system … the ultimate goal is to use pub/private keys to do logins versus simple password authentication. I've figured out how to set all that up via the authorized_keys file.
Additionally I will ultimately prevent server logins through the root account. But before I do that I need sudo to work for a second user (the user which I will be login into the system with all the time).
For this second user I want to prevent regular password logins and force only pub/private key logins, if I don't lock the user via" passwd -l user … then if I don't use a key, I can still get into the server with a regular password.
But more importantly I need to get sudo to work with a pub/private key setup with a user whose had his/her password disabled.
Edit: OK, I think I've got it (the solution):
1) I've adjusted /etc/ssh/sshd_config and set PasswordAuthentication no
This will prevent ssh password logins (be sure to have a working public/private key setup prior to doing this
2) I've adjusted the sudoers list visudo and added
root ALL=(ALL) ALL
dimas ALL=(ALL) NOPASSWD: ALL
3) root is the only user account that will have a password, I am testing with two user accounts "dimas" and "sherry" which do not have a password set (passwords are blank, passwd -d user)
The above essentially prevents everyone from logging into the system with passwords (a public/private key must be setup).
Additionally users in the sudoers list have admin abilities. They can also su to different accounts. So basically "dimas" can sudo su sherry, however "dimas can NOT do su sherry. Similarly any user NOT in the sudoers list can NOT do su user or sudo su user.
NOTE The above works but is considered poor security. Any script that is able to access code as the "dimas" or "sherry" users will be able to execute sudo to gain root access. A bug in ssh that allows remote users to log in despite the settings, a remote code execution in something like Firefox, or any other flaw that allows unwanted code to run as the user will now be able to run as root. Sudo should always require a password or you may as well log in as root instead of some other user.
Best Answer
sshandsudohave nothing to do with each other. Setting up ansshauthentication method isn't going to do anything forsudo.sudoisn't going to understand ansshpassword.passwd -lis intended to lock a user's account, so that he can no longer authenticate by password. That's pretty much the opposite of what you want, which is letting the user authenticate without a password.I think what you want is the
NOPASSWDoption in yoursudoersfile.(PS, there's no reason to be running a
cdcommand withsudo.cddoes not propagate to parent processes, so as soon as thesudoexits, you're back where you started.)Edit: You keep saying that you want to lock the account password and want sudo to understand public/private keys. Sorry, sudo isn't going to use ssh keys. It isn't ssh. If you don't want users to be able to log in with their passwords, I think the answer is to disable ssh password authentication, not to lock the account. Then you can retain a password for the users, which they can use to sudo after they log in via ssh authorized_keys.