3. Emulating a Linux environment with sudo rights

Emulating a Linux environment with sudo rights

I have a Linux (Ubuntu 16.04) computer, and I have to create a user that has sudo rights, but I still don't want it to be able to cause any harm remotely (I worry about stupidity, not malice).

Wouldn't this be fixed by not using that user remotely?

1) I have telnet disabled, is there any other way (besides SSH) that someone can access my machine remotely?

If you have installed other methods then sure. It really depends on what you have installed.

2) How can I restrict access? I understand that chroot is not good enough since the root user (or a sudo-able user) can just step out of it.

There are containers which are kind of like hardened chroots. Your root user inside the container shouldn't be able to escape out of it. Containers are a lot more lightweight than virtual machines.

3) Is it possible to route specific SSH logins into a VM?

One way I can think off the top of my head is to allow login with keys only and then making the key login just ssh into a VM or something. This wouldn't require a different ssh port for the VM and wouldn't be dependent on your client machine doing the proxying.

This would look something like this in the .ssh/authorized_keys file:

command="/usr/bin/ssh someuser@yourvm" YOURPUBLICKEYHERE

I'm sure someone will come up witha lot better solution

4) I know about Linux namespaces, but so far did not understand how they can help me with root problem.

It's easier to understand them by just playing with containers. I would recommend lxc, it should be available in most distros' repos.

/r/linuxquestions Thread
Previous
Next

Recently removed from /r/linuxquestions

NVIDIA K2100M - X.org gives me better performance then NVIDIA drivers but it glitches Using rootfs of Ubuntu/Debian with arbitrary kernels (on same arch) PC stuck in dark mode How to set the right screen resolution without xrandr How to transition from Windows to Linux painlessly? Best Debian based Distro fro Old Laptops Thinking of going from Windows > Arch. Questions about VMs, AUR/other repos and VFIO. What are the top 5 linux NO NOs you have learned over the years of using linux? How would your workflow break by switching to macOS? Is there a foundation for Linux power users? Run command once a day, but only when internet connection is available. Why is Ubuntu a pain in my case? For software that is not supported in linux, is it better to run it on a vm with MacOS or with windows 10/11? Hello! I need help with manjaro! boot,audio problems!new user :< Is vim worth it?

More Random Comments

Whats the point of Gold in D&D e5? ascii-progress - a simple progress bar package for haskell Push Your Luck d6 Mechanic [I'm new] Started keto 14 days ago down 11 lbs already here's my stats from keto calculator few questions under neath Self-Driving Cars Will Be in 30 U.S. Cities By the End of Next Year Who are the Ruthenians? You are given 10 billion dollars to create a game show. It can involve anything including illegal things and death if you so desire. What is your game show? Level 30 players should not be placed into games with new players Bouncing off the fan question in this week's podcast, what is your opinion on the Final Fantasy games and which would you recommend a newbie start with? Americans Aren’t Saving Enough for Retirement, but One Change Could Help: "The recommendation, however, glosses over a critical driver of unpreparedness: Wall Street is bleeding savers dry...'A greater part of the problem is the failure of investors to earn their fair share of market returns.'" Anterior Knee Pain Drugs and Unlocking Your Inner God: A Path, or A Distraction? RNs that work on a stroke unit. Any input about it to help me decide to take this job offer? Martian Manhunter vs Thor What jokes would YOU make as skipper of a jungle cruise boat?