It's easier to ask forgiveness than it is to get permission.
-- Grace Hopper
I've done ops work under various titles for various employers for the last 15 years. If memory serves every one of them has given the ops-geeks sudo
rules that allowed sudo chmod
and sudo chown
to run as root, but would choke on a request for sudo -i
. Here's why that's a stupid policy:
Create an SSH key on your local box if you don’t have one already.
Connect to a target box, and cd to ~roleaccount.
If ~roleaccount/.ssh exists, change permissions on it to allow you to read and write. Otherwise, create ~roleaccount/.sshcd to ~roleaccount/.ssh and
sudo chmod o+wx
authorized_keys.Edit the authorized_keys file to append your public key.
Restore permissions on authorized_keys
Go up to ~roleaccount and restore permissions on .ssh
From your local box: ssh roleaccount@target_host
If you reset permissions correctly, you have just connected directly as roleaccount.
This isn't a stealthy method of switching to another user, so please be ready to explain yourself if there's an audit.
Top comments (0)