Join the community today
Register Now

MOSH on Centminmod

Discussion in 'Other Centmin Mod Installed software' started by ElChorizo, Aug 14, 2024.

  1. ElChorizo

    ElChorizo Premium Member Premium Member

    40
    4
    8
    Apr 29, 2021
    Ratings:
    +8
    Local Time:
    9:15 PM
    1.19.10
    10.3.28
    Please fill in any relevant information that applies to you:
    • CentOS Version: Alma 9
    • Centmin Mod Version Installed: 140.00beta01
    I installed mosh but it won't work. I've opened up all the ports in the csf but mosh fails because the shell on login tries to bring up the sudo to root automatically and mosh is never able to connect or enter input. It times out waiting for the user to enter the sudo password which you can't do.

    Is there a way to disable the sudo every time you log in, I've always hated this.

     
  2. eva2000

    eva2000 Administrator Staff Member

    53,506
    12,132
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,675
    Local Time:
    12:15 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    Centmin Mod is meant for and designed for full root user ideally so sudo isn't something Centmin Mod will setup unless you setup sudo user or your web host's OS install did install a sudo user.

    Who's web host?
     
  3. ElChorizo

    ElChorizo Premium Member Premium Member

    40
    4
    8
    Apr 29, 2021
    Ratings:
    +8
    Local Time:
    9:15 PM
    1.19.10
    10.3.28
    I always set up a regular user and SSH in as that. Every time I log in, it wants to sudo to root, I'm assuming to do a check for updated software. I don't want that. It's unnecessary. I do my own hosting.
     
  4. ElChorizo

    ElChorizo Premium Member Premium Member

    40
    4
    8
    Apr 29, 2021
    Ratings:
    +8
    Local Time:
    9:15 PM
    1.19.10
    10.3.28
    For example, this is what I get on login.

    Code:
    ssh host.com
    X11 forwarding request failed on channel 0
    
    Activate the web console with: systemctl enable --now cockpit.socket
    
    Last login: Mon Aug 12 11:15:52 2024 from xx
    [sudo] password for user:
    
    ===============================================================================
     - Hostname......: xx.com on AlmaLinux 9.4
     - Users.........: Currently 3 user(s) logged on (includes: root)
    ===============================================================================
     - CPU usage.....: 0.06, 0.03, 0.00 (1, 5, 15 min)
     - Processes.....: 310 running
     - System uptime.: 5 days 18 hours 7 minutes 1 seconds
    ===============================================================================
    
    
    
     
  5. eva2000

    eva2000 Administrator Staff Member

    53,506
    12,132
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,675
    Local Time:
    12:15 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    That explains it as Centmin Mod is meant for full root user, it it detects sudo user it may elevate to sudo root for centminsh menu but that shouldn't happen at ssh login stage.

    I have OVH dedicated and vps servers that default to a default sudo user and does not have sudo password prompt on ssh login. That is because the MOTD ssh displayed output is coded to only display for root user I'd = 0. So non-root user ids not = 0, won't show this info.
     
  6. ElChorizo

    ElChorizo Premium Member Premium Member

    40
    4
    8
    Apr 29, 2021
    Ratings:
    +8
    Local Time:
    9:15 PM
    1.19.10
    10.3.28
    Every server I've ever set up with Centminmod has been this way. Linode, and this is an OVH dedicated server. Centos7, Alma 8 and 9, always the same.

    I don't change any of the default stuff, and it's always like this. It just prompts for it, every single time.
     
  7. eva2000

    eva2000 Administrator Staff Member

    53,506
    12,132
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,675
    Local Time:
    12:15 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    Strange indeed. Probably need to troubleshoot this

    1. after you SSH login can you run this command to run the dmotd.sh script which is responsible for the at SSH login displayed info - run once as full root user and once as your regular user you log in with via SSH
    Code (Text):
    bash -x /usr/local/src/centminmod/config/motd/dmotd.sh 2>&1 | tee /root/centminlogs/dmotd-debug-$(date +"%d%m%y-%H%M%S")-$(id -u).log
    

    you should have 2 log files in /root/centminlogs/dmotd-debug-* that are date timestamped and labeled by the user id number for user that ran the script i.e. for root user with id = 0 log file at -rw-r--r-- 1 root root 13K Aug 13 20:19 /root/centminlogs/dmotd-debug-130824-201952-0.log. It has sensitive info, so private message me and share the log after removing anything sensitive ie. hostnames, etc you find
    Code (Text):
    ls -lahrt /root/centminlogs/dmotd-debug-*
    
    -rw-r--r-- 1 root root 13K Aug 13 20:19 /root/centminlogs/dmotd-debug-130824-201952-0.log
    
     
  8. eva2000

    eva2000 Administrator Staff Member

    53,506
    12,132
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,675
    Local Time:
    12:15 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    I also created a patch to add additional check for sudo users which aren't passwordless to not call the dmotd.sh displayed info on SSH login. You can try the patch by running this command as full root user first
    Code (Text):
    cd /usr/local/src/centminmod && wget -O dmotd.patch https://gist.github.com/centminmod/625d2ce8b060cdd5b9a2c514b3fa25b0/raw/dmotd.patch && patch -p1 < dmotd.patch
    

    Then SSH logout and SSH login as your standard user and see what happens.

    If still is an issue, re-run the debug output for inspection
    Code (Text):
    bash -x /usr/local/src/centminmod/config/motd/dmotd.sh 2>&1 | tee /root/centminlogs/dmotd-debug-$(date +"%d%m%y-%H%M%S")-$(id -u).log
    
     
  9. ElChorizo

    ElChorizo Premium Member Premium Member

    40
    4
    8
    Apr 29, 2021
    Ratings:
    +8
    Local Time:
    9:15 PM
    1.19.10
    10.3.28
    Sent you 2 pm's... the patch didn't do anything.
     
  10. eva2000

    eva2000 Administrator Staff Member

    53,506
    12,132
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,675
    Local Time:
    12:15 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    From the logs looks like it's because some of additional dmotd.sh commands need sudo elevated or root user permissions as Centmin Mod is designed for full root user. Regular non-sudo or non-root user as designed do not trigger these password prompts but seems sudo created user does if you log in with the user in non-sudo elevated state.

    I could add a workaround for this to allow non-sudo state regular user to login without sudo prompt, but it would mean disabling Centmin Mod updates check notification. So, we will lose that notification when new Centmin Mod updates are available. At least for now. Will test it a bit more and that commit an update to 140.00beta01 (131.00stable will not get this change)

    example of intended dmtod.sh changes when your SSH logg in as non-root/non-sudo elevated user you will see

    testuser linux user without elevated sudo will see - scroll to last line and see disabled Centmin Mod update notifications message
    Code (Text):
    [testuser@almalinux9dev1 ~]$ /usr/local/src/centminmod/config/motd/dmotd.sh
    ===============================================================================
     - Hostname......: almalinux9dev1 on AlmaLinux 9.4
     - Users.........: Currently 1 user(s) logged on (includes: testuser)
    ===============================================================================
     - CPU usage.....: 0.00, 0.00, 0.00 (1, 5, 15 min)
     - Processes.....: 271 running
     - System uptime.: 10 days 0 hours 47 minutes 37 seconds
    ===============================================================================
                   total        used        free      shared  buff/cache   available
    Mem:            7682        1988        3277          34        2745        5693
    Swap:           4095           4        4091
    ===============================================================================
    Filesystem     Type      Size  Used Avail Use% Mounted on
    devtmpfs       devtmpfs  4.0M     0  4.0M   0% /dev
    tmpfs          tmpfs     3.8G     0  3.8G   0% /dev/shm
    tmpfs          tmpfs     1.6G   18M  1.5G   2% /run
    /dev/vda4      xfs        79G   12G   68G  15% /
    /dev/vda3      xfs       960M  300M  661M  32% /boot
    /dev/vda2      vfat      200M  7.1M  193M   4% /boot/efi
    /dev/loop0     ext4      3.9G  1.4M  3.7G   1% /tmp
    tmpfs          tmpfs     769M  4.0K  769M   1% /run/user/0
    ===============================================================================
    # ! This server maybe running CSF Firewall !
    #   DO NOT run the below command or you  will lock yourself out of the server:
    #
    #   iptables -F
    ===============================================================================
    * Getting Started Guide - https://centminmod.com/getstarted.html
    * Centmin Mod FAQ - https://centminmod.com/faq.html
    * Centmin Mod Config Files - https://centminmod.com/configfiles.html
    * Centmin Mod Blog - https://blog.centminmod.com
    * Community Forums https://community.centminmod.com  [ << Register ]
    ===============================================================================
    ===============================================================================
    * Nginx Update May Be Available via centmin.sh menu option 4
    * see https://centminmod.com/nginx.html#nginxupgrade
    ===============================================================================
    * Current Nginx Version:           1.27.0
    * Latest Nginx Mainline Available: 1.27.1 (centminmod.com/nginxnews)
    ===============================================================================
    ===============================================================================
    Detected non root/sudo elevated user: Centmin Mod update notifications disabled
    Centmin Mod update notifications are enabled for root/sudo elevated users only
    Only SSH logins via root/sudo elevated user, will update notifications show
    ===============================================================================
    


    testuser sudo run - scroll to end and see Centmin Mod update notifications
    Code (Text):
    [testuser@almalinux9dev1 ~]$ sudo /usr/local/src/centminmod/config/motd/dmotd.sh
    ===============================================================================
     - Hostname......: almalinux9dev1 on AlmaLinux 9.4
     - Users.........: Currently 1 user(s) logged on (includes: root)
    ===============================================================================
     - CPU usage.....: 0.07, 0.02, 0.00 (1, 5, 15 min)
     - Processes.....: 272 running
     - System uptime.: 10 days 0 hours 47 minutes 53 seconds
    ===============================================================================
                   total        used        free      shared  buff/cache   available
    Mem:            7682        1994        3270          34        2745        5687
    Swap:           4095           4        4091
    ===============================================================================
    Filesystem     Type      Size  Used Avail Use% Mounted on
    devtmpfs       devtmpfs  4.0M     0  4.0M   0% /dev
    tmpfs          tmpfs     3.8G     0  3.8G   0% /dev/shm
    tmpfs          tmpfs     1.6G   18M  1.5G   2% /run
    /dev/vda4      xfs        79G   12G   68G  15% /
    /dev/vda3      xfs       960M  300M  661M  32% /boot
    /dev/vda2      vfat      200M  7.1M  193M   4% /boot/efi
    /dev/loop0     ext4      3.9G  1.4M  3.7G   1% /tmp
    tmpfs          tmpfs     769M  4.0K  769M   1% /run/user/0
    ===============================================================================
    # ! This server maybe running CSF Firewall !
    #   DO NOT run the below command or you  will lock yourself out of the server:
    #
    #   iptables -F
    ===============================================================================
    * Getting Started Guide - https://centminmod.com/getstarted.html
    * Centmin Mod FAQ - https://centminmod.com/faq.html
    * Centmin Mod Config Files - https://centminmod.com/configfiles.html
    * Centmin Mod Blog - https://blog.centminmod.com
    * Community Forums https://community.centminmod.com  [ << Register ]
    ===============================================================================
    ===============================================================================
    * Nginx Update May Be Available via centmin.sh menu option 4
    * see https://centminmod.com/nginx.html#nginxupgrade
    ===============================================================================
    * Current Nginx Version:           1.27.0
    * Latest Nginx Mainline Available: 1.27.1 (centminmod.com/nginxnews)
    ===============================================================================
    ===============================================================================
     Centmin Mod local code is up to date at /usr/local/src/centminmod
     no available updates at this time...
    ===============================================================================
     Current local server Centmin Mod branch installed: 140.00beta01
    ===============================================================================
    


    difference

    Code (Text):
    ===============================================================================
    Detected non root/sudo elevated user: Centmin Mod update notifications disabled
    Centmin Mod update notifications are enabled for root/sudo elevated users only
    Only SSH logins via root/sudo elevated user, will update notifications show
    ===============================================================================
    


    vs

    Code (Text):
    ===============================================================================
     Centmin Mod local code is up to date at /usr/local/src/centminmod
     no available updates at this time...
    ===============================================================================
    
     
  11. ElChorizo

    ElChorizo Premium Member Premium Member

    40
    4
    8
    Apr 29, 2021
    Ratings:
    +8
    Local Time:
    9:15 PM
    1.19.10
    10.3.28
    What is a quick way I can manually disable the check just for myself?
     
  12. eva2000

    eva2000 Administrator Staff Member

    53,506
    12,132
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,675
    Local Time:
    12:15 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
  13. ElChorizo

    ElChorizo Premium Member Premium Member

    40
    4
    8
    Apr 29, 2021
    Ratings:
    +8
    Local Time:
    9:15 PM
    1.19.10
    10.3.28
  14. eva2000

    eva2000 Administrator Staff Member

    53,506
    12,132
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,675
    Local Time:
    12:15 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    did you run cmupdate and then SSH log out and log back in?

    How did you create this linux user you are logging into SSH with? What's output for when you're logged in with this linux user for
    Code (Text):
    id


    I just tried on OVH server it has default sudo user that SSH log in with non-elevated sudo permissions and using SecureCRT SSH client, it logs into my Centmin Mod 140.00beta01 based server and does not show any MOTD display at all which is what updated dmotd.sh would do now and only shows it i log in as root or login as sudo user with auto command = sudo su -
     
  15. eva2000

    eva2000 Administrator Staff Member

    53,506
    12,132
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,675
    Local Time:
    12:15 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    also what's the latest log show for
    Code (Text):
    bash -x /usr/local/src/centminmod/config/motd/dmotd.sh 2>&1 | tee /root/centminlogs/dmotd-debug-$(date +"%d%m%y-%H%M%S")-$(id -u).log
    
     
  16. ElChorizo

    ElChorizo Premium Member Premium Member

    40
    4
    8
    Apr 29, 2021
    Ratings:
    +8
    Local Time:
    9:15 PM
    1.19.10
    10.3.28
    Yes, I updated it, logged out and tried it. Still no worky. I did this install to AlmaLinux 9 from the Shell installer as the GUI wouldn't load on this dedicated machine. I created the user during the install. I always ssh in as this user, then sudo su - and then start the centminmod installation. I really hate leaving SSH open to remote root logins.

    I'm sending you a PM with all the info now.