ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login
    1. Topics
    2. Tags
    3. sudo
    Log in to post
    • All categories
    • OksanaO

      Windows 11 Gets sudo: Here's How to Enable It

      Watching Ignoring Scheduled Pinned Locked Moved Starwind starwind windows 11 unix linux sudo
      1
      0 Votes
      1 Posts
      211 Views
      No one has replied
    • CCWTechC

      SUDO - Coming to a Windows Server near you.

      Watching Ignoring Scheduled Pinned Locked Moved IT Discussion sudo linux windows server windows server 2025
      5
      3 Votes
      5 Posts
      748 Views
      EddieJenningsE

      @DustinB3403

      Ha! That's the thing though, I am curious if sudo will be (at least partially derived) from the sudo we know and love, or will it be Microsoft's own thing that happens to use a command named sudo.

    • 1

      sudo problems

      Watching Ignoring Scheduled Pinned Locked Moved IT Discussion sudo ssh root certificate
      33
      0 Votes
      33 Posts
      4k Views
      1

      @jaredbusch said in sudo problems:

      @pete-s said in sudo problems:

      @jaredbusch said in sudo problems:

      @scottalanmiller said in sudo problems:

      @jaredbusch said in sudo problems:

      @scottalanmiller said in sudo problems:

      @pete-s said in sudo problems:

      We want to move to using ssh certificates on our servers and remove all passwords.

      That's what we do.

      Since when? What do you use to manage and generate certificates?

      Generate with ssh-keygen. Manage with a wiki. We are only so big, so it works fine.

      That is not certificates. That is keys. Completely different.

      I don't know what @scottalanmiller uses but ssh-keygen is used to generate ssh certificates as well.

      From the man page:
      ssh-keygen supports signing of keys to produce certificates that may be used for user or host authentication. Certificates consist of a public key, some identity information, zero or more principal (user or host) names and a set of options that are signed by a Certification Authority (CA) key. Clients or servers may then trust only the CA key and verify its signature on a certificate rather than trusting many user/host keys. Note that OpenSSH certificates are a different, and much simpler, format to the X.509 certificates used in ssl(8).

      But if you are automating certificate generation, you need to wrap this in something.

      No, ssh-keygen does not do this (ssh certificate generation).

      As you highlight, it can be used as part of the certificate process. But it cannot, and never will, be the certificate authority. Thus it is not the tool for this this.

      You're actually mistaken because I've done it many times now. A Certification Authority, when it comes to openssh certificates, is really just a key pair that you carefully guard.

      You create certificates by using the CA keys to sign other public keys from users and hosts. The result is a certificate named *-cert.pub

      And you do all of this with the ssh-keygen utility.

      Similar to how you can create CA and everything else for the more complex x509 certificates with just openssl.

    • RomoR

      Critical buffer overflow in sudo: CVE-2021-3156: Heap-Based Buffer Overflow in Sudo (Baron Samedit)

      Watching Ignoring Scheduled Pinned Locked Moved IT Discussion sudo cve-2021-3156
      4
      0 Votes
      4 Posts
      627 Views
      JaredBuschJ

      @travisdh1 yup

      8CF63B2B-CF0F-403B-9B30-689D782ACDC5.jpeg

    • IRJI

      How to save a file in vim when you forget to sudo

      Watching Ignoring Scheduled Pinned Locked Moved IT Discussion vim sudo
      9
      15 Votes
      9 Posts
      1k Views
      wirestyle22W

      Yeah I'm wrong. sudo being involved means it can't be privilege escalation because you're getting the proper amount of access.

    • scottalanmillerS

      Windows 10 Allowing a Regular User to Launch One Application as Admin

      Watching Ignoring Scheduled Pinned Locked Moved IT Discussion windows windows 10 security runas sudo runastool
      6
      3 Votes
      6 Posts
      827 Views
      JaredBuschJ

      The first time it is used, we have to manually type the domain\localadmin password.
      995d4dcc-8f3f-428f-a56e-aafa241ca644-image.png
      After that it is stored in credential manager.
      e44ddd17-77ee-4318-a779-8edbc1471c2a-image.png

    • EddieJenningsE

      SSH and FreePBX

      Watching Ignoring Scheduled Pinned Locked Moved IT Discussion freepbx 13 ssh security sudo cli
      10
      0 Votes
      10 Posts
      7k Views
      JaredBuschJ

      And easy enough to resolve once I look.

      @EddieJennings you should have reminded me to look more earlier..

      /etc/sudoers has it commented out.

      ## Allows people in group wheel to run all commands # %wheel ALL=(ALL) ALL ## Same thing without a password # %wheel ALL=(ALL) NOPASSWD: ALL
    • scottalanmillerS

      UNIX: sudo

      Watching Ignoring Scheduled Pinned Locked Moved IT Discussion unix linux freebsd bsd sam linux administration sam freebsd administration security solaris sudo
      1
      1 Votes
      1 Posts
      2k Views
      No one has replied
    • mlnewsM

      Configuring sudo for Two Factor Authentication from HowToForge

      Watching Ignoring Scheduled Pinned Locked Moved News howtoforge ubuntu centos two factor pam security authentication sudo radius
      1
      2 Votes
      1 Posts
      939 Views
      No one has replied
    • 1 / 1