Scenario Description

In the context of managing Linux systems, administrators may encounter the challenge of needing to perform system-level operations without frequently entering passwords. For instance, when installing software or modifying configuration files, security policies often prevent direct login as the root user. To address this, JumpServer provides the Switch from function, allowing administrators to quickly switch to the root user by configuring sudo su - for temporary privilege escalation, while ensuring the correct environment variables are loaded. If administrators already have the root password, using su - to switch to the root user is even more efficient, simplifying the system management process and improving work efficiency.

Operation Instructions

The functionality of Switch from requires us to create two accounts as switching accounts. After completing the configuration on JumpServer, the accounts will automatically switch when logging into the asset.

Create Accounts

In the asset name page of JumpServer, switch to the <Accounts> tab to manage accounts.

Here we need to create two accounts, namely coxi and root, which will later be used for the account switch configuration from coxi to root.

Configure Switch from

Open the configuration page of the root account and select coxi in the <Switch from> field as the account for automatic switching. The switching logic will be coxi -> root.

Configure the Authorization rule

Switch to the Authorization page, create a rule, and when specifying the Account, select root as the login user.

Function Verification

Log in to the asset on the Web Terminal page, selecting root as the account.

The asset connection is successful, and you can see the Switch action has occurred. Additionally, you can check the log file < /var/log/auth.log >, which contains log information indicating that the session was opened for user root by coxi.