Shell users and Sudo commands in Webdock
Different hosts have different methods of handling shell access, and we have opted for a simple but secure approach. It may be difficult to intuitively understand how you gain shell access to your server, so this guide serves to point you in the right direction.
How to get shell access and run commands as root
The best way
- Go to your account and add one or more public keys by clicking on Add Public Key on the Public Keys card
- Not sure how to get a hold of your public key in the first place? Click here to read our guide!
Be careful adding Public Keys you have generated on Windows as they may not be suitably formatted.
Incorrect:
---- BEGIN SSH2 PUBLIC KEY ---- Comment: rsa-key-20150211 AAAAB3NzaC1yc2EAAAABJQAAAIEAjm/8tQdXJ8gXETIOh3h6V+7KPAe+e9OUlBps a55Ky+1Ry1E2unGDDQNGqRVh9gmhL5p27NH0Bfd4kksa6Lm1WTnRirZCvHaVIPQ8 k4RTU73KJ9WnXmEi34hiMbmTjnrKLs+6YqLUqGmyyd/GK3Vs/9JYGhFHzc4qS2wk cmHKKws= ---- END SSH2 PUBLIC KEY ----
Correct:
ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAIEAjm/8tQdXJ8gXETIOh3h6V+7KPAe+e9OUlBps a55Ky+1Ry1E2unGDDQNGqRVh9gmhL5p27NH0Bfd4kksa6Lm1WTnRirZCvHaVIPQ8 k4RTU73KJ9WnXmEi34hiMbmTjnrKLs+6YqLUqGmyyd/GK3Vs/9JYGhFHzc4qS2wk cmHKKws= mike@mymacbook
- Now go to your server and go to the Shell Users management screen
- On standard Webdock stacks, there is already a shell user named admin. Click on the Assign Public Keys dropdown on the admin user card, and select your Public Key(s) you just added to your account.
- If you are working with a clean server, simply add a new shell user, make sure they are part of the Sudo group and assign your public keys to this user
- Now you are ready to connect to your server. On Mac and Linux you now simply execute the following command in your terminal:
ssh admin@myserver.host.webdock.io
You can find your server address on your main server information page
- If you assigned a password when you created your public key, you will be prompted to enter the password before you can connect.
- Now you are ready to work in the terminal, you can simply put "sudo" in front of any commands to execute them as root, or just switch to being root entirely by executing
sudo su
The system will now prompt you for your user password (not your public key password) in order to execute sudo. For a standard Webdock stack, you will find your default admin shell user password on the main server information screen along with all your other auto-generated credentials.
Tip: You can disable password prompts when executing sudo commands by running the Passwordless Sudo script on your server. You can find this script and run it on the Cronjobs & Scripts management page for your server.
The less secure way
The less secure way is not to use public keys at all. Here you simply enable Password Based Authentication on the Shell Users management screen.
Now you can connect to your server using the ssh command and when prompted for a password, simply enter the admin shell user password, or the password you chose when adding your own shell user.
Why can't I just use the root user?
That's a bit silly when sudo is there to help keep your system secure. The root user is the primary target for automated brute force attacks, so having the root user disabled for ssh really helps with security. In addition, by using sudo you can have a log of activity on your server which may help track down what's been happening on your server.
Besides, switching to root as a sudo user is as simple as executing
sudo su
Stay safe, use sudo! :-)