1

Since root passwords and logins are not allowed on Ubuntu, how does one use ssh and rsync to move folders and files from a local host to a remote host when root privileges are needed on the remote?

Arronical
  • 19,893
Alex
  • 11
  • 1
  • 3
  • Thanks very much for the suggestions. However, for reasons I'm not given the space here to explain, neither is satisfactory to me. One requires me to "break" a system setup to protect me, while the other requires a back-door evasion with its own security weaknesses. I think I either need to go back to OpenSUSE or find a different approach for what I want to do that remains within "standard" Ubuntu. – Alex Aug 18 '16 at 07:05

2 Answers2

0

It is not impossible to enable root login in Ubuntu it is just not recommended. (see this answer for how-to)

Alternatively rsync user can be granted root privilege (see here)

Community
  • 1
S.Mohsen sh
  • 478
0

One way to do this is to have a user at the remote end, who has passwordless sudo access to the rsync command. If the user were called rsyncguy, you would edit the /etc/sudoers file to contain the following line, using the sudo visudo command:

rsyncguy ALL=NOPASSWD: /usr/bin/rsync

There is a security risk inherent in this approach, whereby that user can now perform any rsync command as root, including rsync pull's from other servers. To mitigate this, you can use the precise rsync command that you will need, if it is likely to remain the same.

After the sudo access has been enabled, your rsync commands should always contain `--rsync-path="sudo rsync" to ensure that sudo is used on the remote end.

It would also be useful to set up passwordless SSH key-based authentication for that user. After the SSH keys have been set up, you could disable normal password login for rsyncguy by using the following command on the remote server:

sudo passwd -l rsyncguy

Which will add another layer of security.

Arronical
  • 19,893