6

Newest Update

The flag is -p portnumber, but I can't get into root. I got (publickey, permission denied).

I sign up for a VPS on DigitalOcean.

I am currently going through the tutorial Deploying a Ruby on Rails application using Nginx, Unicorn, PostgreSQL, and Capistrano to DigitalOcean and the railscast #335 Deploying to a VPS.

I made a new user inside the VPS, but this user doesn't have the sudo privilege.

When I do cap deploy:setup according to the guide, I am getting this:

judy is not in the sudoers file.  This incident will be reported.

failed: "sh -c 'sudo -p '\\''sudo password: '\\'' ln -nfs /home/judy/apps/lintong/current/config/nginx.conf /etc/nginx/sites-enabled/lintong'" on 192.241.241.204

I changed the port to 888 according to the guide and now I can't ssh into the server.

When I do ssh root@ipaddress or ssh judy@ipaddress, it’s trying to connect to port 22.

First question: How do I pass in a field to when I ssh into the VPS with a port option of 888?

Second question: How do I give judy sudo rights? According to coderwall's tutorial, I should do this:

visudo

and then add username ALL=(ALL:ALL) ALL, but I think I did it before, and it didn't work.

Peter Mortensen
  • 30,738
  • 21
  • 105
  • 131
Jngai1297
  • 2,415
  • 5
  • 29
  • 63
  • Could you elaborate a bit more on your "newest update"? – Floris Sep 04 '13 at 20:50
  • There is some helpful information in the answer to [this question](http://stackoverflow.com/questions/3858928/git-ssh-setup-permission-denied-publickey) - how to run `sshd` server in debug mode to get more information. But if you can't log in, it may be hard to do... – Floris Sep 04 '13 at 20:53
  • @Floris ssh -p 888 root@ipaddress and then put in the password that vps droplet digital ocean sent me and then permission denied please try again, I can log in as judy and judy obviously can't give itself sudo right – Jngai1297 Sep 04 '13 at 20:56
  • Once you are logged in as judy, can you do `su` ("switch to the identity of the super user")? It would help us identify whether the problem is with ssh, or with the permissions for `root`. – Floris Sep 04 '13 at 20:59
  • @Floris got `authentication failure` I don't want to rebuild the vps to get a new password, will have to restart over because vps becomes new machine again – Jngai1297 Sep 04 '13 at 21:00
  • Uh oh. I suspect you messed things up with `visudo`. There is helpful information [at this link](http://www.psychocats.net/ubuntu/fixsudo). I hope you can use it to get things back... but I'm not sure you can "boot into recovery mode" given the system you are using. Might have to work with their sys admins. – Floris Sep 04 '13 at 21:03
  • @Floris inside digital ocean panel I can reset root password it will shut down my droplet and a new root password will be email to me again. I am assuming that by shutting down I will lose everything? – Jngai1297 Sep 04 '13 at 21:06
  • "shut down my droplet" does sound like "fresh start". Did you have a lot of time invested already? You should ask on their support community board before throwing away a lot of work. https://www.digitalocean.com/community – Floris Sep 04 '13 at 21:08
  • @Floris I am totally new to linux, (use mac to push to heroku) so my vps is fine and its because I mess up the linux part? ok I will contact the community – Jngai1297 Sep 04 '13 at 21:09

3 Answers3

14

For recent Ubuntu/Debian versions, don't modify /etc/sudoers, but add the user to to the sudo group in /etc/group.

sudo usermod -a -G sudo judy

or

sudo vigr (and sudo vigr -s)

To use ssh with a specific port, use -p 888 : i.e., ssh -p 888 judy@ipaddress

(Note that if you ever need to set a port with scp, you use a capital -P instead.)

belacqua
  • 543
  • 4
  • 18
1

Answering just one question:

ssh -p 888 root@ipaddress

should allow you to log in when ssh is listening on port 888. Not sure what is wrong with the second part... can you show the judy entry from /etc/sudoers?

Floris
  • 45,857
  • 6
  • 70
  • 122
  • when I enter judy@ipaddress and put in my pwd for judy. head to etc/sudoers there is nothing there. I think its better off with root@ipaddress and not with judy@ipaddress – Jngai1297 Sep 04 '13 at 20:58
1

For ssh to a different port:

ssh -p 888 root@ipaddress

To get judy sudo permission somewhat depends on the OS for proper practice. In Ubuntu you can simply add judy to the admin group.

useradd -G admin judy

This is because there's already an entry that maps that group in the sudoers file for Ubuntu servers.

Doug Morrow
  • 1,306
  • 1
  • 10
  • 18