Automatic privilege escalation when connecting via SSH

Normally, you cannot log in directly over SSH using the root account. Therefore, after connecting, you usually run the su command and enter the root password to escalate privileges.

JumpServer allows you to automate this process and start an SSH session with automatic privilege escalation to root without knowing or exposing the root password.

To configure this:

Go to System Settings → Platforms, select the required Linux-based platform (or copy the default one), open its settings, and in the Switch Account Method field specify the command to be used for switching accounts — for example, su -.
Navigate to Console → Accounts, find the privileged account (for example, root), open it for editing, and in the Switch from field specify the user account (in this example, serg) from which the initial connection will be made. Save the changes.
Now, when connecting via SSH, you can select root, but the session will start under the serg account and automatically switch to root after authentication. At the start of the session, you will see the message "switched to root(root)".

Getting Started Guide for JumpServer PoC

Installation JumpServer Enterprise Edition

Installation JumpServer Community Edition

JumpServer HA-cluster configuration

HAProxy configuration for JumpServer HA-cluster

Operation and Maintenance with command line jmsctl

JumpServer port discription

Installing SSL Certificates and Configuring HTTPS

Configuring Correct User IP Display When Using HAProxy Authentication

How to Save Transferred Files in JumpServer

Where Does JumpServer Store Copies of Files Transferred via SFTP and RDP?

How to Remove Passwords Entered by Users Inside SSH Sessions from the Logs

Syslog configuration

Configuring External Storage for Session Recordings in JumpServer

How to Set the Correct Date and Time in JumpServer?

RDP Session Video Compression: Configuring Video-Worker

Active Directory synchronization with AD groups

How to enable 2FA(TOTP) auth

Installing OpenSSH for account management for Windows

RemoteApp configuration for application publishing

Setting up Panda for application publishing(alternative to RemoteApp)

Changing the lifetime and reusability of connection tokens in JumpServer

How to configure access to asset web-interface, HTTP session configuration

Command filter configuration for SSH and database queries

How to connect to domain assets using a single domain account?

Automatic privilege escalation when connecting via SSH

Creating Accounts and SSH Keys on the Target System (Push Accounts)

Discovering Unmanaged Accounts (Discover Accounts)

Changing the Default Directory for SFTP Connections

Configuring Asset Discovery in Local Networks and Cloud Platforms

Connecting to Target Systems: All Possible Options

Opening RDP Sessions in Remote Desktop Manager (Devolutions)

Supported Database Types and Connection Methods

Installing, Configuring, and Using JumpServer Client

Connecting to Systems Using the SSH Selector in JumpServer

How to check system status and container logs

RemoteApp Troubleshooting

Custome Applet structure for RemoteApp

How to Write API Requests Using Cursor AI

Developing Custom Applications for Panda

Automatic privilege escalation when connecting via SSH