Solved

remote access to the redhat linux server

Posted on 2007-12-06
4
1,810 Views
Last Modified: 2013-12-06
Dear Sir/Madam:

I have redhat linux enterprise version 5 as network opearating system  in my lan which can be accessed from the remote by ssh , we have software development team in the remote place now they have to login to this server from remote install and test the developed application , application is developed using java , mysql and apache  this is fine , problem is i do not want to give the  ssh root access to login from the remote place but if given ordinary ssh login they will not able able to install , remove packages of apache , mysql and java packages also they cannot start or stop the services , please suggest me how to give them the full access for these work and deny other access, please help me step by step.

Please help me on this


0
Comment
Question by:D_wathi
4 Comments
 
LVL 19

Accepted Solution

by:
alextoft earned 500 total points
Comment Utility
You're asking how you can give them root access without giving them root access... interesting.

How about giving them a virtual machine to play with? RedHat 5 comes with Xen, or there is the free VMware server option. Then they can have a server to test on with root access.
0
 
LVL 87

Expert Comment

by:rindi
Comment Utility
Standard operation is that SSH doesn't have root rights anyway. Once you have logged in as a standard user you can use su or sudo to allow the logged in user to install things or administrate the system. You just have to add the user to the /etc/sudoer file, or add him to the group that is allowed to su.
0
 

Expert Comment

by:vanista
Comment Utility
Sudo is the way, but you might want to give restricted permissions. It is possible to define a precise list of executables which your users will be able to access without entering a password. Once your sudoers are configured, users must use 'sudo' to call the executables.


Example /etc/sudoers


# /etc/sudoers : edit only as root with 'visudo'
 
 

# Define aliases

User_Alias	OPERATORS  = a, b, c

Cmnd_Alias	OPERATIONS = /usr/sbin/command_a /sbin/command_b
 

# Default permissions for root and admin user group

root		ALL = (ALL) ALL

%admin		ALL = (ALL) ALL
 

# Special permissions for OPERATORS, can execute all OPERATIONS without password

OPERATORS	ALL = NOPASSWD: OPERATIONS

Open in new window

0
 
LVL 14

Expert Comment

by:arrkerr1024
Comment Utility
Just to clarify what other's have said "sudo" stands for "super-user do".  It allows a normal user to "do" things are a "super user".  This access is controlled by a configuration file, /etc/sudoers, that tells the sudo command who can run what.  You should always edit the sudoers file by typing "visudo", not directly.  You can customize it up the wazoo... see the man page or your system may have come with a good example (redhat does).

I would really suggest, as alextoft suggested, that they do their actual testing in a virtual machine.  Or another physical machine that you give them root access to.  They're going to screw it up and change an unknown billion options.  They should give you precise step-by-step instructions on how to install it on a staging server.  This is a good exercise that ALL software/development companies should do.  Otherwise you're going to have to re-load this later and you'll be SOL.
0

Featured Post

How to improve team productivity

Quip adds documents, spreadsheets, and tasklists to your Slack experience
- Elevate ideas to Quip docs
- Share Quip docs in Slack
- Get notified of changes to your docs
- Available on iOS/Android/Desktop/Web
- Online/Offline

Join & Write a Comment

Note: for this to work properly you need to use a Cross-Over network cable. 1. Connect both servers S1 and S2 on the second network slots respectively. Note that you can use the 1st slots but usually these would be occupied by the Service Provide…
1. Introduction As many people are interested in Linux but not as many are interested or knowledgeable (enough) to install Linux on their system, here is a safe way to try out Linux on your existing (Windows) system. The idea is that you insta…
Excel styles will make formatting consistent and let you apply and change formatting faster. In this tutorial, you'll learn how to use Excel's built-in styles, how to modify styles, and how to create your own. You'll also learn how to use your custo…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

728 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now