jsch sudo no password required

Question

I want to run the follow commands: ssh sudouser@host1 sudo mkdir aaa

sudoUser can run sudo command without input password. I referred to the following links : here, here, and here. I made my scripts. But after I run code below, it always hangs there.

So how can I handle the scenario of sudo without password?

import com.jcraft.jsch.*;
import java.io.*;

public class sudo{
  public static void main(String[] arg){
    try{
      JSch jsch=new JSch();

      String host="hostip";




       Session session=jsch.getSession("user", host, 22);

       session.setPassword("pass");
       java.util.Properties config = new java.util.Properties();
       config.put("StrictHostKeyChecking", "no");
       session.setConfig(config);

      session.connect();


      String command="mkdir try";
      String sudo_pass=null;

      sudo_pass="";


      Channel channel=session.openChannel("exec");

     // man sudo
     // -S The -S (stdin) option causes sudo to read the password from the
     // standard input instead of the terminal device.
     // -p The -p (prompt) option allows you to override the default
     // password prompt and use a custom one.
     ((ChannelExec)channel).setCommand("sudo -S -p '' "+command);

     ((ChannelExec) channel).setPty(true);

     InputStream in=channel.getInputStream();
      OutputStream out=channel.getOutputStream();
     ((ChannelExec)channel).setErrStream(System.err);

     channel.connect();


     out.write((sudo_pass+"\n").getBytes());
     out.flush();

     byte[] tmp=new byte[1024];
     while(true){
       while(in.available()>0){
         int i=in.read(tmp, 0, 1024);
         if(i<0)break;
         System.out.print(new String(tmp, 0, i));
       }
       if(channel.isClosed()){
          System.out.println("exit-status: "+channel.getExitStatus());
          break;
        }
        try{Thread.sleep(1000);}catch(Exception ee){}
     }
      channel.disconnect();
      session.disconnect();
    }
    catch(Exception e){
      System.out.println(e);
    }
  }
}

Does your remote sudoers file have `requiretty` set? It might need it turned off — rrauenza, May 27 '16 at 21:30
requiretty has been commented. At file /etc/sudoers: #Defaults requiretty — Linda, May 27 '16 at 21:44
Try removing it for that command or user ... Or use `!requiretty` — rrauenza, May 27 '16 at 21:45
I found if I don't add `((ChannelExec) channel).setPty(true);`, it will not hang there. Instead, it will return `xit-status: 1` very quickly. — Linda, May 29 '16 at 11:23

score 0 · Answer 1 · answered May 28 '16 at 09:51

0

In this line

((ChannelExec)channel).setCommand("sudo -S -p '' "+command);

you're setting the -S and -p options which are probably causing it to hang because it's now waiting for password input.

answered May 28 '16 at 09:51

bmcculley

2,048
1
14
17

If I just input ((ChannelExec)channel).setCommand("sudo "+command), It will have a "password" prompt. – Linda May 29 '16 at 11:04

score 0 · Answer 2 · answered Jun 29 '16 at 04:50

My issue is solved. Below is my findings.

In /etc/sudoers, if Defaults requiretty is commented, we cannot use ((ChannelExec) channel).setPty(true); or it will just hang there. If requiretty is enabled, we need to setPty to true.
If your sudoer does not need password to switch to root, you still need to give sudoer password to run ((ChannelExec)channel).setCommand("sudo -S -p '' "+command);.

3.If you changed /etc/sudoers file for several times and it's better for you to reboot your host, it seems the host might be confused after you change the file too many times.

jsch sudo no password required

2 Answers2