2

I am writing a Java program that can programmatically SSH into any remote machine and execute commands. I am re-using an existing Java library to do so: https://github.com/shikhar/sshj

The issue I am running into is figuring out how to sudo switch user as such:

"sudo su - [username here]".

If you run this manually in the terminal, you will be prompted with a password. As I understand it, if you are under the sudoers file, and you type your password correctly, you will be able to run the command to switch the user as such. I don't want to have the user to have to type in their password. Ideally, the program shouldn't require any human intervention at all in order to run.

What I would like to achieve is: Programmatically send the password over the socket so the user wouldn't have to type it into standard in. If the user can login to the remote machine using his credentials, the program should be able to pick up on these same credentials and pass it in when sudo asks for a password from the user.

After Googling for a while, I can't figure out how to achieve this with this library. Bare in mind I am not really an expert at the lower-level details of SSH. Anyone have an idea on this one?

Thanks guys.

HiChews123
  • 1,598
  • 4
  • 20
  • 39
  • Were you able to get sudo to work with sshj without using the overthere library? This might be a solution for you although it is not working for me with a vanilla ubuntu 16.04 using openssh-server. https://stackoverflow.com/questions/20406425/executing-sudo-command-on-my-amazon-ec2-box-using-sshj-java-library – simgineer Jul 09 '17 at 23:30

2 Answers2

4

We've written the Overthere library on top of SSH/J, which supports logging in with sudo with or without a password prompt. Have a look at that to see whether it suits your needs.

Hiery Nomus
  • 17,429
  • 2
  • 41
  • 37
  • I'm having difficulties with getting sudo commands to work with sshj. I was wondering if there are any short examples of running a sudo command like: `sudo touch /opt/new-file.txt` using Overthere that I can try. – simgineer Jul 09 '17 at 23:54
  • For overthere, configure it with INTERACTIVE_SUDO (see: https://github.com/xebialabs/overthere#sudo-and-interactive_sudo). this will instruct the library to look for a password prompt and input it. – Hiery Nomus Jul 11 '17 at 11:31
  • I ran into this w Overthere, are there other jars i need to include besides sshj? Exception in thread "main" java.lang.NoClassDefFoundError: nl/javadude/scannit/Scannit at com.xebialabs.overthere.Overthere.(Overthere.java:61) at sshj.test.OverthereTest.main(OverthereTest.java:34) Caused by: java.lang.ClassNotFoundException: nl.javadude.scannit.Scannit – simgineer Jul 13 '17 at 09:22
  • I am using https://github.com/hierynomus/sshj not sure if there is another version that is more compatible with Overthere? – simgineer Jul 13 '17 at 09:41
  • It seems that you're not adding the required jars for overthere. Are you using a build-system that is capable of resolving transitive dependencies, such as Maven or Gradle? – Hiery Nomus Jul 17 '17 at 13:43
1

That shouldn't be a problem. You can configure sudo to don't require a password for certain users. Have a look at sudo's documentation and sudoers man page.

roehrijn
  • 1,387
  • 1
  • 11
  • 20
  • Let's assume that I don't have the privilege to change sudo to NOT require passwords for specific users. How can I still achieve this? What I would like is to programmatically pass in the password and sent over to the socket (instead of having a user type in the password) – HiChews123 Sep 17 '13 at 20:34