Do you mean ssh access sometimes w/key and sometimes wo/key from the same account and node?
No. You cannot decide to turn/off/on passwordless key for some jobs and not others for one single account. Access is on a per user account basis, not per job.
You should consider creating protected key-only account(s), and grant only certain users sudo to that account(s). Which is akin to your idea of 'session-level'
You could also create one or more remote ssh-only account, example dummy, then give the keys to certain users and not others. Those with the key can go in with
You can create different remote user accounts which are job specific, granting code access by chrooting each account and having links in /usr/bin (or wherever) that give access only to the code/scripts needed to run just that job.
Hello,
I want to use a shell-script to transfer data over sftp.
I donīt find a way to login in automatically.
I tried to send the password in a script like possible with
ftp
sftp user@server << cmd
password
cd /distant/directory
lcd /local/directoryget ssh_install
get ( or put) your... (2 Replies)
Hello all,
Today we run ssh with keys on all our Solaris systems. But I wounder: Is it possible to add another authentication too. Like the os/system regular password so the users first need to enter the ssh phasssphrase and after that they need to enter the os/system password.
I need like... (3 Replies)
Below is a part of my shell script. Currently I have shared the public key of the client with the host, therefore I will not be prompted for the password.
The key that has been created on the client is also without a passphrase. If it is created with a passphrase, the code I have will not... (3 Replies)
ssh passphrase permissions issues
I will try to be as thorough as possible, but keep in mind I am a designer, not a programmer... I do have linux mdadm experience and am reasonably comfortable behind the terminal, but I may need things to be spelled out for me. I am using 2 new-ish Macs with... (1 Reply)
I have 9 servers, on each server a script with common name is available.
I send a token file to all server from 1 particular server. so when a daemon job checks that token file is available then it triggers the script..
I want to know is there any command or script which I will run/execute on... (16 Replies)
Hi Folks,
I have setup a passwordless connection from my Linux ( source) machine toSolaris ( destination ) machine. I have added passphrase while creating the rsa key. Now problem is each time when i make a connection i have to give the passphrase to make connection. How to override this ?
I... (4 Replies)
I would like to write a bash shell script which will connect to remote server using passphrase. (I have public-private infrastructure created, and as per instruction, I must not use password less ssh).
This particular script will be fired from cron.
Can you please advice how I can supply the... (2 Replies)
Hi folks.
I'm pretty new to unix, while I'm learning a lot I'm finding bash scripting quite confusing. Im sure it's not really, my head just hasn't clicked with it.
Anyway, I need a script to loop the ip addresses stored in a file and run a "pgrep <process>" and return the pid or some... (2 Replies)
Hi,
I am trying to complete my bash script in order to find which SSH servers on LAN are still active with the ssh keys, but i am frozen at this step:
#!/bin/bash
# LAN SSH KEYS DISCOVERY SCRIPT
</etc/passwd \
grep /bin/bash |
cut -d: -f6 |
sudo xargs -i -- sh -c '
&& cat... (11 Replies)
Discussion started by: syrius
11 Replies
LEARN ABOUT DEBIAN
ssh-copy-id
SSH-COPY-ID(1) General Commands Manual SSH-COPY-ID(1)NAME
ssh-copy-id - install your public key in a remote machine's authorized_keys
SYNOPSIS
ssh-copy-id [-i [identity_file]] [user@]machine
DESCRIPTION
ssh-copy-id is a script that uses ssh to log into a remote machine and append the indicated identity file to that machine's ~/.ssh/autho-
rized_keys file.
If the -i option is given then the identity file (defaults to ~/.ssh/id_rsa.pub) is used, regardless of whether there are any keys in your
ssh-agent. Otherwise, if this:
ssh-add -L
provides any output, it uses that in preference to the identity file.
If the -i option is used, or the ssh-add produced no output, then it uses the contents of the identity file. Once it has one or more fin-
gerprints (by whatever means) it uses ssh to append them to ~/.ssh/authorized_keys on the remote machine (creating the file, and directory,
if necessary.)
NOTES
This program does not modify the permissions of any pre-existing files or directories. Therefore, if the remote sshd has StrictModes set in
its configuration, then the user's home, ~/.ssh folder, and ~/.ssh/authorized_keys file may need to have group writability disabled manu-
ally, e.g. via
chmod go-w ~ ~/.ssh ~/.ssh/authorized_keys
on the remote machine.
SEE ALSO ssh(1), ssh-agent(1), sshd(8)OpenSSH 14 November 1999 SSH-COPY-ID(1)