How to save a file in vscode-remote SSH with a non-root user privileges

Vscode Remote

Vscode Remote Problem Overview

I am not able to save any files on my remote server with VSCode Remote SSH because I am not a root user.

I've followed the official documentation about how to set up ssh with SSH config file but even if my user as sudo privileges, I can't find any options in VSCode to save with sudo.

here is my SSH config file /Users/geoff/.ssh/config:

Host gcpmain
    User geoff
    HostName <IP_ADDRESS>
    IdentityFile ~/.ssh/gc_rsa

Obviously, when I try to save any files that require sudo I have this expected error message:

Failed to save 'default': Unable to write file (NoPermissions
 (FileSystemError): Error: EACCES: permission denied, open 

Is there any way that I can force VSCode to save as sudo? Thanks a lot for your answers! :)

Vscode Remote Solutions

Solution 1 - Vscode Remote

I recommend this VSCode extension: Save as Root in Remote SSH

Install the extension on a window opened with Remote-SSH and use "Save as Root" in the command palette instead of Ctrl+S.

Basically, it reads the contents of the editor and calls the sudo command to overwrite the file.

Solution 2 - Vscode Remote

sudo chown -R myuser /path/to/folder

This worked fine for me!

Solution 3 - Vscode Remote

I have faced the same question when I tried to edit the nginx conf files on my VPS. There is an open issue at github: Elevate rights on SSH remote, addressing similar problems.

As a temporary solution you can use WinScp - add sudo /path/to/sftp-server to your connection settings and then you can save changes to most (if not any) file. WinScp use sudo on login.

Solution 4 - Vscode Remote

I also met the same issue when using vs code to ssh login CentOS with non-root account.

The true reason is: Your user account ("geoff" here) need to get the permission of the destination directory first.

sudo setfacl -R -m u:geoff:rwx /etc/nginx/sites-available/default

for you case.

More general usage:

sudo setfacl -R -m u:username:rwx /path/to/directory

This command will help you get the permission of the directory /path/to/directory, without influencing the permissions of any other user or group. Not recommend to use chown. This solution can be used on Mac/Linux.

When you finish running above command, you can edit and save in VS code. May it be helpful for you.

Solution 5 - Vscode Remote

Easiest solution for configuring files on a remote machine using a VSCode ssh (I use an Ubuntu EC2 instance with AWS) is to modify the file privileges while you work on the files using chmod.

By default, server config files (/etc/nginx/sites-available/default) are read-only (require sudo to write/save). There are open issues to allow VSCode SSH sudo access, however no good solution that I was able to find.

When you need to configure server files in dev, run this in your command-line SSH (non-VSCode) with sudo privileges:

sudo chmod a+rwx /etc/nginx/sites-enabled/default

(or whatever your path to server config file is).

You can then ssh with VSCode and save the edited file freely.

If you don't like working in vim through the command line and want to use VSCode to edit server config files, this might be the quickest solution. Don't forget to switch file permissions back to read-only when you're done:

sudo chmod -R 0444 /etc/nginx/sites-available/default

Solution 6 - Vscode Remote

Not quite answering your question, but a workaround nonetheless...

I have the same issue in a purely Dev environment (the remote Linux box is not in Production, and I have the root password). I worked around it by connecting as root whilst restricting where you can connect as root from.

ssh-rsa ...Lots of text... dev@host

  • Change the entry so that it reads:

from="" ssh-rsa ...Lots of text... dev@host (where is your VSCode dev machine)

Edit the connection entry under VSCode so that it reads something like:

# Read more about SSH config files: Host linuxdev HostName linuxdev.resolvable.fqdn User root

All of the above assumes that you know the root password and that sshd_config already has PermitRootLogin=yes.

If you want to further restrict the SSH root login from your VSCode Dev machine, then you could set PermitRootLogin=no globally in sshd_config and add a new restriction within sshd_config like this (at the end of the file): Match Host PermitRootLogin yes

Then restart sshd (systemctl restart sshd) for the new SSHD permission to apply.

Solution 7 - Vscode Remote

I connect to the remote Ubuntu machine from the local VSCode using SSH and install VSCode inside the Ubuntu machine. I was able to create the files but can't write anything there.

I need to write a Prometheus config file and this is how I gave the write permission:

sudo chown -R ubuntu /etc/prometheus/prometheus.yml 

Solution 8 - Vscode Remote

One solution for Linux I just came across is to use bindfs (sudo apt install bindfs).

To enable editing /etc/nginx as root for the current user, working in ~/.bind-mounts/nginx:

mkdir -p ~/.bind-mounts/nginx
sudo bindfs --map=root/${USER}:@root/@$(id -gn) /etc/nginx ~/.bind-mounts/nginx
sudo umount ~/.bind-mounts/nginx # When you're done, or run bindfs with '-f' to keep it in the foreground

bindfs has many options. --map may not be the best. It's been working in my testing so far.

Everything seems to work as you'd expect. Lets you "explore" as root and any modifications will be made as if you had root's permissions. Just don't forget the security implications!


All content for this solution is sourced from the original question on Stackoverflow.

The content on this page is licensed under the Attribution-ShareAlike 4.0 International (CC BY-SA 4.0) license.

Content TypeOriginal AuthorOriginal Content on Stackoverflow
QuestionGeoffView Question on Stackoverflow
Solution 1 - Vscode RemoteumituView Answer on Stackoverflow
Solution 2 - Vscode RemoteGautam GhaiView Answer on Stackoverflow
Solution 3 - Vscode RemoteCsaba VargaView Answer on Stackoverflow
Solution 4 - Vscode RemoteBravo YeungView Answer on Stackoverflow
Solution 5 - Vscode Remotee-dylanView Answer on Stackoverflow
Solution 6 - Vscode RemotemisterjayteeView Answer on Stackoverflow
Solution 7 - Vscode RemoteArefeView Answer on Stackoverflow
Solution 8 - Vscode RemoteCameron TacklindView Answer on Stackoverflow