1

I need to replace existing sshd config on the remote PC and restart sshd, so I try to use this:

cat /sshd_cfg | ssh [email protected] "cat > /etc/ssh/sshd_config && service sshd restart"

but I get bash: /etc/ssh/sshd_config: Permission Denied

So to use sudo I try "echo pass | sudo -S" like that: cat /sshd_cfg | ssh [email protected] "echo pass | sudo -S cat > /etc/ssh/sshd_config && service sshd restart" but getting the same output - Permission Denied, may be because of pipes collision? What shall I do?

Linux 190 4.3.0-2-generic #11-Ubuntu SMP Fri Dec 4 20:36:35 UTC 2015 i686 i686 i686 GNU/Linux

**

  • upd

As I found, the problem is in user privileges.

If I connect directly to PC and try to execute sudo cat /dev/null > /etc/ssh/sshd_config, I get Permission Denied, but it' okay If I try sudo -H -u root bash -c 'cat /dev/null > /etc/ssh/sshd_config'.

So I tried that from remote: cat /sshd_cfg | ssh user@IP "echo password | sudo -S -H -u root bash -c 'cat > /etc/ssh/sshd_config'"

And this time no errors appeares. And the file was changed, but it became ...blank. Instead cating /sshd_cfg in it.

Why?

rGA145
  • 389
  • 1
  • 5
  • 15
  • Where in that command did you put `sudo`? – roaima Jun 28 '16 at 07:55
  • 2
    Why not just `scp sshd_cfg [email protected]:/etc/ssh`? – Martin von Wittich Jun 28 '16 at 07:56
  • @MartinvonWittich at this level you probably need to assume that `sshd` is configured to prevent root logins – roaima Jun 28 '16 at 08:06
  • @roaima like that: cat /sshd_cfg | ssh [email protected] "echo pass | sudo -S cat > /etc/ssh/sshd_config && service sshd restart" – rGA145 Jun 28 '16 at 08:08
  • 1
    @roaima Then that should be changed. Piping plaintext passwords into `sudo` is a hell of a lot worse than e.g. allowing root logins with a SSH key. My answer to a similar question explains in detail why using `sudo` this way is a bad idea: http://unix.stackexchange.com/questions/92123/rsync-all-files-of-remote-machine-over-ssh-without-root-user/92397#92397 – Martin von Wittich Jun 28 '16 at 09:09
  • @MartinvonWittich `ssh` does allow root logins with a key. It doesn't permit root logins with password. Given the level of this question I was trying to suggest we (all) assume that no certificates had been set up and so no root login could directly be used. _Very happy_ to be proven wrong, though, as that avoids the abhorrence that is `sudo -S` – roaima Jun 28 '16 at 10:10

0 Answers0