Faster SSH Login Process?

RazorX · Jul 18, 2010

Ok, so every time I need ssh in and do something on my server I go through the following motions:

Code:

login as: exampleuser
Using keyboard-interactive authentication.
Password:
FreeBSD% su
Password:
FreeBSD# zsh

Then, to log off:

Code:

FreeBSD# exit
FreeBSD# exit
logout
FreeBSD% exit

I feel like there should be a better way minimize the number of steps. Anyone have any good advice on this?

fronclynne · Jul 18, 2010

Use username@host when logging in via ssh.
& use key pairs:
http://pkeck.myweb.uga.edu/ssh/
for ssh(1) (I think most of it's still valid, obviously check for yourself). ssh-keygen(1) etc etc

You can use security/sudo with a "%group ALL=(ALL) NOPASSWD: ALL" or "username ALL=(ALL) NOPASSWD: ALL" in your sudoers(5) (visudo(8)) and then use [cmd=""]sudo su[/cmd] instead of plain old su(1).

That brings it down to:
[cmd=""]ssh user@host[/cmd]
[cmd=""]sudo su[/cmd]

Which is significantly less typing.

Oh, and for logging off, just use [cmd="FreeBSDhost#"]~.[/cmd]

Alt · Jul 18, 2010

RazorX set default shell for your user to zsh. Login su via `su -m` - you user your config will be used.
Hit Ctrl-d instead of `exit`, so you can logout very quickly

gordon@ · Jul 18, 2010

Try this instead:

Code:

login as: exampleuser
Using keyboard-interactive authentication.
Password:
FreeBSD% su
Password:
FreeBSD# exec zsh

That will only require you to exit from 2 shells.

phoenix · Jul 19, 2010

Alternatively, just use sudo on it's own, so that you never have to login (su) as root and execute zsh.

What are you doing that requires you to be logged in as root for such long periods of time that you need to use zsh?

RazorX · Jul 24, 2010

Its a web server so I don't really login to use some suite of program. Most things I do involve editing conf files, restarting the associated services, updating ports, and updating the web application files, etc. I'm pretty sure most of the commands I issue would require root privilege, so using sudo would just be annoying I think. I'm sure there are some tasks, like viewing log files, that I wouldn't need root for, but normally they are part of some larger job that does.

RazorX · Aug 1, 2010

fronclynne said:
You can use security/sudo with a "%group ALL=(ALL) NOPASSWD: ALL" or "username ALL=(ALL) NOPASSWD: ALL" in your sudoers(5) (visudo(8)) and then use [cmd=""]sudo su[/cmd] instead of plain old su(1).

So I got the key pairs working. And the above lets me do "sudo su" and login as root without a password. Is that a large security risk?

Also, if I do "sudo su -m", then it doesn't load zsh as root, but if I do "su -m" then root loads with zsh as desired. Any ideas?

fronclynne · Aug 1, 2010

RazorX said:
So I got the key pairs working. And the above lets me do "sudo su" and login as root without a password. Is that a large security risk?

Also, if I do "sudo su -m", then it doesn't load zsh as root, but if I do "su -m" then root loads with zsh as desired. Any ideas?

When you issue "sudo su" it's probably picking up root's config rather than the user's, or it's not preserving that part of your environment. I'd fiddle with adding "Defaults env_keep += SHELL" maybe.

Oh, & yes, with NOPASSWD set if your user account is hacked, root is hacked, so it's definitely slightly riskier.