07-01-2007
Use of sudoer with ssh login shell script (KSH)
Greetings all,
I'm in the midst of writing a login component for a series of shell scripts. What my login script does is this:
1. Prompt for username and read in username
2. Prompt for destination host and read in destination host
3. run ssh username and destination host
4. After user keys in password and verification is complete, the login script checks his username against a file and looks up his level of access rights (indicated by a number). The script then launches either a.sh (for superusers) or b.sh (for standard users) depending on his access rights.
I'm just wondering whether I can make use of the sudoers file to achieve step 4 instead of keeping an extra file on the system to store user priority records since it would appear that both files serve a similar function.
If it is possible to make use of the sudoer file to determine a given user's access rights and launch him/her into one of the shell scripts accordingly, how can this be achieved?
Thanks in advance
10 More Discussions You Might Find Interesting
1. Shell Programming and Scripting
Hi all,
Normally, we give ip address to login with ssh like ssh 172.168.0.1
And we can give login name to ssh like ssh -l root 172.10.0.21
Then the shell asks the password, we enter the password and login to the system.
While using the script file, we are not able to supply the password to... (5 Replies)
Discussion started by: pcsaji
5 Replies
2. Shell Programming and Scripting
Hi all,
Just like to ask if it is possible to do the following:
1. Have a shell script that calls ssh username@destinationhost
2. Upon successful verification, we ssh into the destination host and automatically use ksh to run a shell script that resides in the destination host. (Hopefully no... (8 Replies)
Discussion started by: rockysfr
8 Replies
3. UNIX for Advanced & Expert Users
Greetings all,
I'll just like to know if it is possible to launch a shell script automatically upon a user's successful login into ssh from a remote host, without adding a command parameter to the ssh command...
ie. after keying in ssh username@host (not ssh username@host "command") and upon... (1 Reply)
Discussion started by: rockysfr
1 Replies
4. Shell Programming and Scripting
I have created a ksh shell script and used it as a login shell for a user.
</etc/passwd>
lramirev:x:111:200:Luis:/export/home/menush:/usr/local/menush/menush
My shell script is like this:
</usr/local/menush/menush>
#!/bin/ksh
#
if ]
then
. $HOME/.profile
fi
... (8 Replies)
Discussion started by: lramirev
8 Replies
5. Shell Programming and Scripting
Hi All ,
I need to call a script runscript_B.sh on server A, the runscript_B.sh script locating in server B.
The runscript_B.sh in calls another script runscript_A on server A itself.
it seend, i need to be connect from Server A to Server B using ssh.
I have tryed like this in... (3 Replies)
Discussion started by: koti_rama
3 Replies
6. Shell Programming and Scripting
Hi
newbeeeee alarm
i want to send a little script over ssh
this script mus download a report.tar then rename and move. the report name format is report_<host.with.dot>-10-09-20-11:55:25.tar
function remote_cmd_mv
{
_host=$1
ARCHROOTDIR='/tmp'
... (8 Replies)
Discussion started by: TigerGoods
8 Replies
7. Red Hat
Hello All,
I am trying to login on server using ssh script & expect.Login to server successful but after login when i hit enter it gets hanged & when pressing CTRL +C it logs me out from the server.
Scripts are as below.
#!/bin/bash
FILE=login.txt
CONNECT=sshlogin.exp
SERVERNAME=$1... (2 Replies)
Discussion started by: ajaincv
2 Replies
8. Shell Programming and Scripting
Hi guru,
I'm making crazy cause an issue on a ksh shell I made.
In this shell I want to execute unix command on a remote machine using an ssh connection like ssh user@host 'command'.....
The command is very simply, is an ls on a remote directory but it give me an unexpected result.
The... (4 Replies)
Discussion started by: leobdj
4 Replies
9. Shell Programming and Scripting
Hello all,
for security reasons my compagny imposes that my script be launch remotly via ssh under the users login shell.
So serverA launches the ssh command to serverB which has a local user with my script as a login shell.
Local script works like a charm on his own.
serverB$ grep... (20 Replies)
Discussion started by: maverick72
20 Replies
10. UNIX for Beginners Questions & Answers
I have googled this and found many solutions, but none of them are working for me. I am in a korn shell, most others reference bsh, maybe that is the issue? Anyway, all I am trying to do is use a variable I have declared in my main script in a remote shell I am running through ssh.
So I have a... (8 Replies)
Discussion started by: DJR
8 Replies
LEARN ABOUT OPENDARWIN
ftphosts
ftphosts(4) File Formats ftphosts(4)
NAME
ftphosts - FTP Server individual user host access file
SYNOPSIS
/etc/ftpd/ftphosts
DESCRIPTION
The ftphosts file is used to allow or deny access to accounts from specified hosts. The following access capabilities are supported:
allow username addrglob [addrglob...]
Only allow users to login as username from host(s) that match addrglob.
deny username addrglob [addrglob...]
Do not allow users to login as username from host(s) that match addrglob.
A username of * matches all users. A username of anonymous or ftp specifies the anonymous user.
addrglob is a regular expression that is matched against hostnames or IP addresses. addrglob may also be in the form address:netmask or
address/CIDR, or be the name of a file that starts with a slash ('/') and contains additional address globs. An exclamation mark (`!')
placed before the addrglob negates the test.
The first allow or deny entry in the ftphosts file that matches a username and host is used. If no entry exists for a username, then access
is allowed. Otherwise, a matching allow entry is required to permit access.
EXAMPLES
You can use the following ftphosts file to allow anonymous access from any host except those on the class A network 10, with the exception
of 10.0.0.* IP addresses, which are allowed access:
allow ftp 10.0.0.*
deny ftp 10.*.*.*
allow ftp *
10.0.0.* can be written as 10.0.0.0:255.255.255.0 or 10.0.0.0/24.
FILES
/etc/ftpd/ftphosts
ATTRIBUTES
See attributes(5) for descriptions of the following attributes:
+-----------------------------+-----------------------------+
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
+-----------------------------+-----------------------------+
|Availability |SUNWftpr |
+-----------------------------+-----------------------------+
|Interface Stability |External |
+-----------------------------+-----------------------------+
SEE ALSO
in.ftpd(1M), ftpaccess(4), attributes(5)
SunOS 5.10 1 May 2003 ftphosts(4)