Layer7 API Management

Dear Team.

I am trying to restart the ssg service on a gateway from a remote box using ssh

The command I am using looks like:

ssh ssgadmin@<gateway> sudo systemctl restart ssg

After entering the password for ssgadmin, I get a permission denied error for this sudo command

What I don't understand: if I create a console session through

ssh ssgadmin@<gateway>

login with password, and enter the same command at the prompt:

sudo systemctl restart ssg

it works just fine.

Did I miss anything?

What am I doing wrong ?

Thank you

...Michael

To run interactive commands, such as sudo, you need a pseudo terminal.  Use the -t option to start one.  An interactive session is started automatically if you don't specify a remote command to run.

ssh -t user@remote_server "sudo systemctl restart ssg"

Alternatively, I think you can pipe the commands to the SSH command rather that specifying them in the ssh command  for example:

echo "sudo systemctl restart ssg" | ssh user@remote_server

Dear Team.

I am trying to restart the ssg service on a gateway from a remote box using ssh

The command I am using looks like:

ssh ssgadmin@<gateway> sudo systemctl restart ssg

After entering the password for ssgadmin, I get a permission denied error for this sudo command

What I don't understand: if I create a console session through

ssh ssgadmin@<gateway>

login with password, and enter the same command at the prompt:

sudo systemctl restart ssg

it works just fine.

Did I miss anything?

What am I doing wrong ?

Thank you

...Michael

Hi Joseph.

Thank you very much. It looks obvious and promising.

However, its still not working for me as described.

The only scenario (as of now), where I am able to get it to run is by defining NOPASSWD for this command in /etc/sudoers.d/ssgadmin

Then I am able to do a 

echo "sudo systemctl status ssg" | ssh ssgadmin@<gateway>

Anyway thanks for the hint. it pointed me in the right direction.

Best regards

...Michael

To run interactive commands, such as sudo, you need a pseudo terminal.  Use the -t option to start one.  An interactive session is started automatically if you don't specify a remote command to run.

ssh -t user@remote_server "sudo systemctl restart ssg"

Alternatively, I think you can pipe the commands to the SSH command rather that specifying them in the ssh command  for example:

echo "sudo systemctl restart ssg" | ssh user@remote_server

Dear Team.

I am trying to restart the ssg service on a gateway from a remote box using ssh

The command I am using looks like:

ssh ssgadmin@<gateway> sudo systemctl restart ssg

After entering the password for ssgadmin, I get a permission denied error for this sudo command

What I don't understand: if I create a console session through

ssh ssgadmin@<gateway>

login with password, and enter the same command at the prompt:

sudo systemctl restart ssg

it works just fine.

Did I miss anything?

What am I doing wrong ?

Thank you

...Michael

Hello, Michael. Since we may replace the /etc/sudoers.d/ssgadmin file during upgrades, it's better to create new files in the /etc/sudoers.d folder for your custom rules as discussed here, https://techdocs.broadcom.com/us/en/ca-enterprise-software/layer7-api-management/api-gateway/11-1/install-configure-upgrade/configure-the-appliance-gateway/using-ssgadmin.html#topic.dita_dc07d696-e46c-4298-9f8a-0f1c65b2bdd1_custom_sudo_rules.

Hi Joseph.

Thank you very much. It looks obvious and promising.

However, its still not working for me as described.

The only scenario (as of now), where I am able to get it to run is by defining NOPASSWD for this command in /etc/sudoers.d/ssgadmin

Then I am able to do a 

echo "sudo systemctl status ssg" | ssh ssgadmin@<gateway>

Anyway thanks for the hint. it pointed me in the right direction.

Best regards

...Michael

To run interactive commands, such as sudo, you need a pseudo terminal.  Use the -t option to start one.  An interactive session is started automatically if you don't specify a remote command to run.

ssh -t user@remote_server "sudo systemctl restart ssg"

Alternatively, I think you can pipe the commands to the SSH command rather that specifying them in the ssh command  for example:

echo "sudo systemctl restart ssg" | ssh user@remote_server

Dear Team.

I am trying to restart the ssg service on a gateway from a remote box using ssh

The command I am using looks like:

ssh ssgadmin@<gateway> sudo systemctl restart ssg

After entering the password for ssgadmin, I get a permission denied error for this sudo command

What I don't understand: if I create a console session through

ssh ssgadmin@<gateway>

login with password, and enter the same command at the prompt:

sudo systemctl restart ssg

it works just fine.

Did I miss anything?

What am I doing wrong ?

Thank you

...Michael