在我拥有的 VPS(托管在 bluevm.com)上,我有三个用户:
userone,使用密码foo和 sudo 权限。usertwo,有密码bar,无 sudo 权限。root,现在使用密码(已删除passwd -d)
我无法su在非 root权限下userone切换usertwo,尽管我确信密码没有问题,因为我用它通过 ssh 连接,而且键盘布局似乎也没有问题。另外,该passwd命令似乎不起作用。
以 userone 身份连接时
ssh连接作品:
$ ssh [email protected]
[email protected]'s password: foo
Last login: blah blah
su otheruser不起作用:
$ su usertwo
Password: bar
su: Authentication failure
自我su不起作用:
$ su userone
Password: foo
su: Authentication failure
ssh otheruser@localhost作品:
ssh usertwo@localhost
usertwo@localhost's password:
Last login: blah blah
$ who am i
usertwo blah blah
$ exit
passwd不起作用:
$ passwd
Changing password for userone.
(current) UNIX password: foo
passwd: Authentication token manipulation error
passwd: password unchanged
sudo有效,并且当 rootsu otheruser有效时:
$ sudo -i
[sudo] password for userone: foo
# su usertwo
$ who am i
usertwo blah blah
$ exit
$ exit
以用户二身份连接时
ssh连接作品:
$ ssh [email protected]
[email protected]'s password: bar
Last login: blah blah
su otheruser不起作用:
$ su userone
Password: foo
su: Authentication failure
自我su不起作用:
$ su usertwo
Password: bar
su: Authentication failure
passwd不起作用:
$ passwd
Changing password for usertwo.
(current) UNIX password: bar
passwd: Authentication token manipulation error
passwd: password unchanged
答案1
有些 UNIX 系统要求您成为组成员wheel才能切换用户。维基百科文章:
Some Unix-like systems have a wheel group of users, and only allow these users
to su to root.[1]
This may or may not mitigate these security concerns, since an intruder might
first simply break into one of those accounts.
检查您是否otheruser是成员,并与之进行比较id userone,id usertwo看看用户一是否是用户二不是的组的成员,从而授予额外的权限。