OpenWRT: sudo

Article published the ; modified the
2 minute(s) to read

This article has 256 words.
RAW source of the article: MD

Description

By default, OpenWRT has one only user: the root admin.

We will create a new user, without privilege, only the one to administrate correctly the system with the tool sudo.

Installation

As root, execute all those commands:

# opkg update
# opkg install shadow-useradd sudo

Tip

Configuration

user configuration

Now, config the user account:

  • # useradd ego: ego is the account name - it’s up to your convenience…
  • # passwd ego: define the password
  • # mkdir -p /home/ego/.ssh: make the main home, and the ssh folder.
  • # chown ego /home/ego: give the user rights on his home.
  • # chmod 0700 /home/ego: auth only this user.

sudo configuration

I would only talk about the sudo most secure method of configuration:
This method allows you to simply use the administrator’s password without having to login with the administrator account. The command sudo must be preceded by any other necessary command.

We edit the /etc/sudoers with the visudo command:

# visudo

Place at the bottom of the file, and uncomment the both lignes, to remove the # symbol:

# Defaults targetpw # Ask for the password of the target user
# ALL ALL=(ALL) ALL # WARNING: only use this together with 'Defaults targetpw'

After saving and quit, your user can use any administration commands.

SSH configuration

Now, it’s the good time to add your ssh auth key into the /home/ego/.ssh/authorized_keys file.

Be sure to copy your public key, only with the `.pub` extension!

Documentation