Logging in with 'su' without entering a password

Question

How can I log in with the su command in one line in the terminal? I know that the sudo command can do that:

echo [password] | sudo -S [command]

But when I try to imply it in the su command :

echo [password] | su [username]

I get an error:

standard in must be tty

I don't have access to the sudo account (so I can't access and edit the sudoers file).

I know that the right syntax is basically:

su [username]

What I want to do is to add a su command to aliases without being needed to enter password every time

Answer 1

Asked 6 years, 2 months ago

How can I log in with the su command in one line in the terminal?

This is for using sudo with not getting prompted for a password every time :

edit the /etc/sudoers file via visudo or sudo visudo

in RHEL/CentOS 7 at least, down at the bottom of the /etc/sudoers file you will see the COMMANDS section. Specifically this:

## Allows people in group wheel to run all commands
%wheel  ALL=(ALL)   ALL
Same thing without a password
%wheel    ALL=(ALL)   NOPASSWD: ALL

by default... for RHEL/CentOS I can't speak for other linux distro's on how they may make use of this... simply comment out the first with # and put into effect the line having the NOPASSWD: ALL syntax. Or enter this syntax.

The %wheel means those accounts in the wheel group as defined in /etc/group. You can add a line and make it %users for example to allow any account in the users group this no password functionality, if you use the users group (with gid 100) in that manner.

For the How can I of being just you, the %wheel syntax with the % means wheel is a group. To specify a specific user account, just remove the % and use a user account in place of the group name. For example:

## Allow root to run any commands anywhere
root    ALL=(ALL)       ALL

simply do this if your user account name is abc123

abc123  ALL=(ALL)   NOPASSWD: ALL

and best to put this at the bottom of the file so that if said user account is also part of wheel group and that is in effect above that statement doesn't override and undo this if you put this user statement at the top of the file.

I do not know how to undo the password prompt of using su in the above manner but

what you can do is sudo su <username> and not get prompted for password, along with doing sudo su and su'ing to the root account without a password.

What I've described is the best way I know on how to gain no password prompting functionality while maintaining decent security at the same time... the /etc/sudoers file is the security focal point here.

The file permissions of /etc/sudoers should be root for both owner and group with -r--r----- permissions or 440.

note: using abc123 ALL=(ALL) NOPASSWD: ALL will allow that user account to do a sudo su and switch to the root account without being prompted for the root account's password.

Answer 2

The correct answer is:
THIS IS DANGEROUS ! DO NOT DO THIS ! IT COMPLETELY BREAKS YOUR SECURITY !!!

But...
If you don't care about security you can do it like this:

• Create a file main.c with the contents:

#include <stdlib.h>
#include <unistd.h>
int main() {
  setuid(0);
  system("/bin/bash"); //you can replace bash by another shell if wanted
  return 0;
}

• Compile this code and transform it into a suid shell with:

gcc main.c -o mysuidshell
sudo chown root mysuidshell && sudo chmod u+s mysuidshell

You can now create the alias that you mentinoed in the comment on LXGA's answer:

alias switch="/path/to/mysuidshell".

Although it's still terrible idea security-wise, you also have the extremely tiny advantage that your password is not somewhere visible in cleartext.

Depending on what you want to do you can change the code so that it can change to other users than root, run different shells, ...

But you will be basically re-inventing the wheel (su and sudo) but less secure.

Answer 3

This is exactly what Expect was designed for. It was written originally for Tcl/Tk, but I'm not terribly au fait with that language, so here it is in Python:

#!/usr/bin/python3
import os,sys,pexpect
child = pexpect.spawn("sudo head /etc/shadow")
Give it a list of expected responses (only one here)
Result = child.expect([" password for"])
Did we find the zeroth answer in our list?
if Result==0:
    # Yes, then send the password
    child.sendline('<your password>')
    # Output its response
    print(child.read())
else:
    print("Didn't get expected response")

You'll have to edit it to suit your purpose, hopefully that's enough to get you started.

Answer 4

tl;dr:

As root,

1. In /etc/pam.d/su, add the line: auth sufficient pam_wheel.so trust before the other lines.
2. Execute getent group wheel || groupadd wheel
3. Execute usermod -aG wheel joeuser (for a user named joeuser)

Longer explanation

On Unix systems, it is customary to use the wheel group to grant users administrator/root privileges; but - this the privilege escalation capability is not enabled by default. On modern Linux systems (last 15 years at least and probably well before), that can be done by adding a line to the PAM configuration files under /etc/pam.d/ - and specifically, to the su file. The line says: "If the user is in the wheel group, this suffices as authentication".

Of course, you actually need to be put in that wheel group, hence the instructions on creating the group if it doesn't exist (which is often, as Linux distros don't typically create it on installation), then making the addition.

that's it. Joe User can now run su without providing a password.

Notes:

• This is an older mechanism than sudo and doesn't rely on it.
• See this question about creation of groups: Short, simple command to create a group if it doesn't already exist?

about the command for creating the group.