Using sudo in WinSCP
I need to update httpd.conf
in /usr/local/apache/conf
path.
I have generated SSH key in cpanel, and selected it in Advanced options in SSH/Authentication section.
Also I have tried two different SCP/Shell options in this section (default, /bin/bash
, sudo su -
)
And as I file protocol I select SCP.
And I can login but, am getting permission denied message that I can not edit or download file. I have also tried to set 777 for folder and 664 for files, but it is also not letting me to do this change.
I am using Centos 6.5.
Session log :
2014-01-06 08:23:13.128 Using SCP protocol.
. 2014-01-06 08:23:13.128 Doing startup conversation with host.
. 2014-01-06 08:23:13.182 Skipping host startup message (if any).
! 2014-01-06 08:23:13.182 stdin: is not a tty
! 2014-01-06 08:23:13.182 sudo: sorry, you must have a tty to run sudo
. 2014-01-06 08:23:13.182 Server sent command exit status 1
. 2014-01-06 08:23:13.182 Disconnected: All channels closed
* 2014-01-06 08:23:13.241 (EFatal) **Connection has been unexpectedly closed.** Server sent command exit status 1.
* 2014-01-06 08:23:13.241 Error skipping startup message. Your shell is probably incompatible with the application (BASH is recommended).
Solution 1:
I want to share my solution because I'm also searching several time for a workaround. I'm using CentOS7 right now and try to get connetion via WinSCP (Pubkey Auth).
sshd_config
..
RSAAuthentication yes
PubkeyAuthentication yes
AuthorizedKeysFile .ssh/authorized_keys
PasswordAuthentication no
UsePAM yes
..
@CentOS visudo - add following 2 entrys
username ALL=NOPASSWD: /bin/su
Defaults:username !requiretty
WinSCP settings:
Disable keyboard-interactive @ SSH authentication settings solves the problem for me.
SCP settings command: sudo su -
Solution 2:
As @pragnesh has suggested, you will find all the instructions in WinSCP FAQ How do I change user after login (e.g. su root)?
Not only you need to add the sudo -s
shell and yourusername ALL=NOPASSWD: ALL
line (or similar) to the sudoers
, but you also need to make sure the sudo
does not require TTY.
While this is the default behavior, you may have it configured differently. Make sure you remove the requiretty
option from the sudoers
file.
You can also change this only per user, see sudoers: how to disable requiretty per user.