Automatic privilege escalation when connecting via SSH
Normally, you cannot log in directly
over SSH using the root account. Therefore, after connecting, you
usually run the su
command and enter the root password to escalate privileges.
JumpServer allows you to automate this process and start an SSH session with automatic privilege escalation to root without knowing or exposing the root password.
To configure this:
-
Go to System Settings → Platforms, select the required Linux-based platform (or copy the default one), open its settings, and in the Switch Account Method field specify the command to be used for switching accounts — for example,
su -.
-
Navigate to Console → Accounts, find the privileged account (for example,
root), open it for editing, and in the Switch from field specify the user account (in this example,serg) from which the initial connection will be made. Save the changes.
-
Now, when connecting via SSH, you can select root, but the session will start under the
sergaccount and automatically switch to root after authentication. At the start of the session, you will see the message "switched to root(root)".
| << How to connect to domain assets using a single domain account? | Creating Accounts and SSH Keys on the Target System (Push Accounts) >> |
Need help?
Support during the JumpServer PAM Enterprise Edition pilot
Have you started testing JumpServer PAM EE and encountered an issue? Our process includes organizing email threads or Telegram groups for prompt issue resolution. If you are sure you were not added to such a group, please contact your supplier or reach out to us at support@afi-d.ru
Training for your specialists on configuring and administering JumpServer PAM
As part of an active technical support subscription, we will train your specialists in installation, configuration, administration of JumpServer PAM, as well as recovery from errors and incidents.
Training is conducted online, according to a pre-agreed plan, and includes mandatory practical knowledge verification with the issuance of personalized certificates (upon successful exam completion).
Video tutorials
Visit our channel on YouTube with video tutorials covering the configuration of all JumpServer PAM sections. The videos are in Russian and are updated with each new release.
Technical support for the free JumpServer PAM Community Edition
The idea of implementing a complex but business-critical PAM system can be intimidating due to the perceived complexity of setup, administrator and security team training, and changes to account management processes.
To make the deployment and configuration of JumpServer Community Edition comfortable, and to ensure you can always rely on professional assistance, AFI Distribution offers an annual technical support subscription.
The support package priced at 1.5 million RUB per JumpServer Community Edition instance (with no limits on the number of users or target systems) includes everything required to use PAM:
- Russian-language documentation;
- usage scenarios and recommended deployment architectures;
- training for administrators and information security specialists on working with JumpServer;
- tips and solutions for common questions;
- notifications about new releases with verified upgrade instructions;
- integration with RADIUS and multi-factor authentication “Multifactor” ;
- direct access to an engineer (no first-line support) with a clear SLA.
