NetForChoice Blog –

How to Switch (su) to Other User Account Without Password – 100 % Working Methods

How to Switch (su) to Other User Account Without Password

Your life can become a little easier with SU (Switch User) command in Linux. Here’s how to switch a user to another user account through the ‘su’ command. Alert! The price of convenience is security.

The ‘su’ is an abbreviate for substitute or switch user. It is an interesting command that allows executing commands with another user’s privileges (By default, the root user).

Due to this, the only root user has the right to switch to another user’s account without entering a password. However, the rest of the users will prompt to enter the associated password of the corresponding user account. Plus, the entered password is incorrect; they end up with the error – Authentication Failed.

Therefore, in this tutorial, we will shed light on how to switch to another or a specific user account without password help.

Let’s begin!

Methods to Switch (SU) into Another User Account in Linux

You can use any of the techniques to accomplish the user switch procedure.

Solution #1. Using PAM Authentication Mode

PAM is an abbreviation used for Pluggable Authentication Modules. It is an excellent mechanism that associates multiple low-level authentication schemes to a high-level API.

It is one of the significant authentication programs on modern Linux OS. PAM enables the programs that are subject to authentication to be written independently of the underlying authentication scheme.

You need to change the default PAM settings to permit users of a specific group to switch to another user account. To do this, you need to run any of the below-mentioned commands.

#vim /etc/pam.d/su

OR

$ sudo /vim etc/pam.d/su

Afterward, it would be best if you integrated the following configurations after “auth sufficient pam_rootok.so” as shown below;

auth [success=ignore default=1] pam_succeed_if.so user = User_Account
auth sufficient pam_succeed_if.so use_uid user ingroup User_Account

In the command mentioned earlier, the initial line verifies the target user is User_Account. Suppose this is true; the service looks over the current user. Else, the default=1 line is skipped, and the rest of the authentication steps are performed.

auth [success=ignore default=1] pam_succeed_if.so user = User_Account

If the current user is within the group User_Account, then the authentication method would be considered successful and returns sufficient as a result. Else, you will observe that the standard authentication steps are run.

auth sufficient pam_succeed_if.so use_uid user ingroup User_Account

Time to save the file and close it. Now, you need to include the user (for example, zoop) who wants to switch to the account User_Account without a password using the usermod command.

$sudo usermod -aG User_Accountzoop

At last, ‘su’ to the User_Account as the user zoop. This time you won’t be prompted for a password.

Method 2 – Use of Sudoers File

Try sudoers file to su to another user account without the need for a password. In this procedure, the user (for example, zoop) who is ready to switch to another user account (for example, User_Account) must be available in the sudoers file or in the sudo group to invoke the Sudo command.

$ sudo visudo

Afterward, you need to include the following configuration below the line “%sudo ALL=(ALL:ALL) ALL”.

Zoop ALL=NOPASSWD: /bin/su – User_Account

Save and close the file. In the end, try to ‘su’ to the account User_Account as the user Zoop. This time the shell shouldn’t prompt you to enter a password.

$ sudo su - User_Account

Conclusion

‘SU’ is an impeccable command that allows the user to become another user temporarily. So, you can efficiently execute commands with the substitute user. Here, we have mentioned two ingenious methods by which you can easily switch (su) to another user account without a password.

Ask From Experts

Exit mobile version