Ranter
Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
Comments
-
I seriously hope you don't get root access on a box through ssh with password authentication. Better would be that either you or they create a keypair, they create a user on the box(as) with a non-root user (which can have an 'all:nopasswd all' sudoers entry) and enforce key authentication or - if there is SSO - with GSSAPI .
Reading this makes my heart bleed. -
have you heard of ssh keys? admin of the server was suppose to create new account with password to sudo for you so you can change it once he puts keys into allowed_keys for your new account. From there you can sudo su to elevate to root
-
ugh i knew everyone would rant SSH KEY REEEEEEEEEE. yes of course that's the preferred way, but i'd love to ask everyone you get access to making those keys in the first place... you'll still need the SSH password to get in for the first time. the alternative is waiting for the old dev company to send you the public key... which may never come anyway
-
@fullstackchris not necessarily. If the admin of the remote adds the public key into the "authorized_keys" file, all is well and it should work right away.
Related Rants
client: "can you build out a staging server for us? here's all the code, everything you need"
me: "awesome, looking good, i have almost everything i need, just give me the credentials for the server, and I'll get started installing all the infrastructure"
client: "ok, try these!"
me: "doesn't work"
client: "this one?"
me: "doesn't work..."
client: "how about this one?"
me: "STILL NOT WORKING!!!"
imagine you want someone to do stuff on your server and you don't even know the root SSH password.... smh
why is this always a problem, use fucking 1password or something its 40 bucks a year, secure, and you can organize alllll your passwords. don't be a fucking boomer and write them on a piece of paper, or worse, apparently like my client, never know it or have it in the first place.
rant
ssh
passwords
devops