RHEL: Allowing users to ’su’ to "root" / Allowing ’root’ to login directly to the system using ’ssh’

RHEL: Allowing users to 'su' to "root" / Allowing 'root' to login directly to the system using 'ssh'

# Tested on RHEL 5, 6 & 7


# Allowing users to "su" to 'root'
# ------------------------------------------------------------------------------------------

# On a secured server regular users are not allowed to become 'root' by issuing "su" command

# /etc/pam.d/su file usually limits users that can become 'root' to those belonging to
# 'wheel' group

# This way, to allow a user to become 'root' it should be added to 'wheel' group:

usermod -g wheel <username>


# To allow all users to become super user (root), comment out following line in
# /etc/pam.d/su file (if line is uncommented only 'wheel' users will be able to do it):

   auth            required        pam_wheel.so use_uid

# To allow users in 'wheel' group to become 'root' without providing a password uncomment
# following line in /etc/pam.d/su file

   #auth           sufficient      pam_wheel.so trust use_uid


# State of these two lines can be combined in order to have one or other behaviour



# Allowing 'root' to login directly to the system via ssh
# ------------------------------------------------------------------------------------------

# Usually, after a fresh installation, 'root' is not able to login to the system via "ssh"
# To allow, verify/modify following files as necessary

# sshd_config: If existing, change "PermitRootLogin no" to "PermitRootLogin yes"

vi /etc/ssh/sshd_config
[...]
   PermitRootLogin yes
[...]

# This change requires a restart of sshd daemon:

# RHEL 5/6:service sshd restart

# RHEL 7: systemctl restart sshd



# access.conf: Change "-: root : ALL" to "+: root : ALL"

vi /etc/security/access.conf
[...]
   +: root : ALL
[...]


# Take into account that modifying this options can compromise the security of a system.
0 (0)
Article Rating (No Votes)
Rate this article
Attachments
There are no attachments for this article.
Comments
There are no comments for this article. Be the first to post a comment.
Full Name
Email Address
Security Code Security Code
Related Articles RSS Feed
RHCS: Configure an active/backup pacemaker cluster
Viewed 899 times since Sun, Jun 3, 2018
15 Linux Yum Command Examples – Install, Uninstall, Update Packages
Viewed 861 times since Thu, Oct 25, 2018
How to find your System details using inxi
Viewed 1093 times since Sat, Jun 2, 2018
RHEL: Reserved space on a ext2/ext3/ext4 filesystem
Viewed 2312 times since Sun, May 27, 2018
Fałszujemy rozpoznania skanerów #2
Viewed 931 times since Mon, May 21, 2018
How to sort IP addresses in Linux
Viewed 1018 times since Sun, May 20, 2018
Installing and Configuring an OCFS2 Clustered File System
Viewed 901 times since Sat, Jun 2, 2018
Creating SWAP partition using FDISK & FALLOCATE commands
Viewed 272 times since Thu, Jan 16, 2020
What is yum-cron ?
Viewed 1099 times since Fri, Oct 26, 2018
How to stop and disable auditd on RHEL 7
Viewed 4372 times since Tue, Aug 6, 2019