Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: sudo and ssh
Top Forums UNIX for Advanced & Expert Users sudo and ssh Post 302144895 by Smiling Dragon on Sunday 11th of November 2007 05:02:23 PM
Old 11-11-2007
Quote:
Originally Posted by jOOc
Can you config sudo to use the passphrase in the user ssh-key instead of the one in the passwd?
Short answer: No sorry.

The passphrase would be on the client side anyway (to decrypt their private key) so couldn't be trusted by the sshd end.

I'd suggest sticking with NOPASSWD if you really can't have a local password for the user (I fail to see why this needs to be that way though...)
 

10 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

xwindows over ssh after sudo?

ok...I'm stumped on this one. I cannot figure out how to carry over my environment variables with a sudo command. I need to install an application under root and only have sudo access to get there. I can use ssh -Y <host> and launch an xwindows session successfully as myself but as soon as I sudo... (3 Replies)
Discussion started by: scottsl
3 Replies

2. UNIX for Advanced & Expert Users

sudo and ssh

Hi, I would like to know how i can perform a task, while performing ssh, sudo and command at the same time. What I generally do is I ssh to the server, where i created private and public, so it does not prompt me for password all the time. Then i need to run "sudo su - ldaprole" to get into... (9 Replies)
Discussion started by: john_prince
9 Replies

3. UNIX for Advanced & Expert Users

ssh and sudo login

Hi, I am trying to execute some command, via ssh and sudo. Here is what i want to do. ssh localhost | sudo su - ldaprole | ls -ltrh However, this command gives me listing of my home directory, and not of ldaprole. If I logic directly, when i perform sudo su - ldaprole, it... (5 Replies)
Discussion started by: john_prince
5 Replies

4. Shell Programming and Scripting

ssh foo.com sudo command - Prompts for sudo password as visible text. Help?

I am writing a BASH script to update a webserver and then restart Apache. It looks basically like this: #!/bin/bash rsync /path/on/local/machine/ foo.com:path/on/remote/machine/ ssh foo.com sudo /etc/init.d/apache2 reloadrsync and ssh don't prompt for a password, because I have DSA encryption... (9 Replies)
Discussion started by: fluoborate
9 Replies

5. Programming

Using Commands over SSH using Sudo

Is there a way to transfer my sudo password via ssh so that I can copy files remotely and pass them locally, so: cat sudo-passwd-file|ssh -t user@10.7.0.180 'sudo find / -depth|cpio -oacv|gzip' > /path/to/dir/file.cpio.gz I am in the process of a creating a script. Everytime I try and just... (16 Replies)
Discussion started by: metallica1973
16 Replies

6. Red Hat

Sudo Password Prompt over SSH

I am not sure what I am missing here. I have the following identical entry in /etc/sudoers on multiple Red Hat 6.4 servers. icinga ALL=NOPASSWD:/usr/bin/yum --security --exclude\="kernel*" check-update On one server when I enter the command over SSH as follows it works fine. ssh -t -q... (1 Reply)
Discussion started by: scotbuff
1 Replies

7. Shell Programming and Scripting

Ssh & sudo

when the following command is issued the command prompt is received, how do I get past this? ssh -t usera@hosta sudo su - userb -c id (4 Replies)
Discussion started by: squrcles
4 Replies

8. Shell Programming and Scripting

Help in creating Sudo ssh script

Hi Experts, I am new to Shell scripting. I want to login to a server using a script. The normal command I use is --> sudo ssh <Servername> . when i tried putting this into a txt format file and tried running, it throw an error "can't execute". I am an Admin and i have root access. Any help would... (6 Replies)
Discussion started by: Tom1989
6 Replies

9. Cybersecurity

Help on Ssh using sudo

I'm confused in the configuration of sudoers for one group of users. The users need to execute a app from a remote machine, in this local machine they want me to allow ssh for them using sudo for eg. sudo -u admin ssh -X euadmin@<IP address of remote> <remote script which opens a gui> It... (1 Reply)
Discussion started by: anandk
1 Replies

10. Shell Programming and Scripting

Ssh does not support sqlplus and sudo -i?

Hey everybody, currently I am having an issue that I need to open an ssh session to a remote host, once on the remote host I need to use sudo and then execute sqlplus. Once the sqlplus call is open I need to execute one command while the sqlplus is active. For example show sga. I already got so... (3 Replies)
Discussion started by: h1kelds
3 Replies

LEARN ABOUT REDHAT

ssh-add

SSH-ADD(1)						    BSD General Commands Manual 						SSH-ADD(1)

NAME

     ssh-add -- adds RSA or DSA identities to the authentication agent

SYNOPSIS

     ssh-add [-lLdDxX] [-t life] [file ...]
     ssh-add -s reader
     ssh-add -e reader

DESCRIPTION

     ssh-add adds RSA or DSA identities to the authentication agent, ssh-agent(1).  When run without arguments, it adds the files
     $HOME/.ssh/id_rsa, $HOME/.ssh/id_dsa and $HOME/.ssh/identity.  Alternative file names can be given on the command line.  If any file requires
     a passphrase, ssh-add asks for the passphrase from the user.  The passphrase is read from the user's tty.	ssh-add retries the last
     passphrase if multiple identity files are given.

     The authentication agent must be running and must be an ancestor of the current process for ssh-add to work.

     The options are as follows:

     -l      Lists fingerprints of all identities currently represented by the agent.

     -L      Lists public key parameters of all identities currently represented by the agent.

     -d      Instead of adding the identity, removes the identity from the agent.

     -D      Deletes all identities from the agent.

     -x      Lock the agent with a password.

     -X      Unlock the agent.

     -t life
	     Set a maximum lifetime when adding identities to an agent.  The lifetime may be specified in seconds or in a time format specified in
	     sshd(8).

     -s reader
	     Add key in smartcard reader.

     -e reader
	     Remove key in smartcard reader.

FILES

     $HOME/.ssh/identity
	     Contains the protocol version 1 RSA authentication identity of the user.

     $HOME/.ssh/id_dsa
	     Contains the protocol version 2 DSA authentication identity of the user.

     $HOME/.ssh/id_rsa
	     Contains the protocol version 2 RSA authentication identity of the user.

     Identity files should not be readable by anyone but the user.  Note that ssh-add ignores identity files if they are accessible by others.

ENVIRONMENT

     DISPLAY and SSH_ASKPASS
	     If ssh-add needs a passphrase, it will read the passphrase from the current terminal if it was run from a terminal.  If ssh-add does
	     not have a terminal associated with it but DISPLAY and SSH_ASKPASS are set, it will execute the program specified by SSH_ASKPASS and
	     open an X11 window to read the passphrase.  This is particularly useful when calling ssh-add from a .Xsession or related script.
	     (Note that on some machines it may be necessary to redirect the input from /dev/null to make this work.)

     SSH_AUTH_SOCK
	     Identifies the path of a unix-domain socket used to communicate with the agent.

DIAGNOSTICS

     Exit status is 0 on success, 1 if the specified command fails, and 2 if ssh-add is unable to contact the authentication agent.

AUTHORS

     OpenSSH is a derivative of the original and free ssh 1.2.12 release by Tatu Ylonen.  Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos,
     Theo de Raadt and Dug Song removed many bugs, re-added newer features and created OpenSSH.  Markus Friedl contributed the support for SSH
     protocol versions 1.5 and 2.0.

SEE ALSO

     ssh(1), ssh-agent(1), ssh-keygen(1), sshd(8)

BSD
								September 25, 1999							       BSD
All times are GMT -4. The time now is 04:05 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy