01-10-2010
Hi,
if You're not too worried about the security issues (if for example You have an only local communication and no acces from the outside) You may want to consider creating password less ssh-keys, that way You don't have to enter a password or passphrase every time.
Best regards,
Lakris
9 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
Hi,
i have a request about rcp.
is it possible to to make a rcp sessions for a normal user witch should have this option without a password prompt.
what are the important steps ....
add the host and user i the .rhosts
and
and
.
.
.
.
many thx (1 Reply)
Discussion started by: scottl
1 Replies
2. IP Networking
Hi
I am using a Solaris 2.5.1 and i am unable to logon on the console.
When i key in say, root on the login prompt, it does not prompt me for password but instead return to the login prompt again.
Please help.
thanks (2 Replies)
Discussion started by: owls
2 Replies
3. Shell Programming and Scripting
Hi,
First i want to tell you i am not a administrator and everytime to run a sqlscritpt i have to login as SU in a particular account to connect to sqlplus..
I want to write a script which can make me free by doin this .. since i am having the permission for SU i want to know if i can SUDO... (7 Replies)
Discussion started by: myelvis
7 Replies
4. UNIX for Advanced & Expert Users
hi
I have installed a new Linux machine and having another machine having Solaris on it. i want that when i log into my solaris machine using rlogin from Linux machine then no password prompt occurs...
Thanks in advance. (4 Replies)
Discussion started by: rochitsharma
4 Replies
5. Shell Programming and Scripting
Hi,
I am tranfering the files from local machine to remote machine using rsync utility but it is prompting password. but i don't want to provide through prompt. how can i give in my shell script.
can anyone suggest me.Thanks in advance
rsync -rvcpogtl -e "ssh $LOCAL_PORT" $SOURCE_DIR... (1 Reply)
Discussion started by: KiranKumarKarre
1 Replies
6. Shell Programming and Scripting
Hello,
I wish to store the password in an rsync script so that when prompted it just enters the password.
I know I can set up passwordless logins, but I have never been able to do this on this particular server so I am resorting to storing the password in the script:
rsync -avz -e ssh... (4 Replies)
Discussion started by: stuaz
4 Replies
7. UNIX for Advanced & Expert Users
Is there any way I can change the prompt which asks for the password on a UNIX system? e.g. When I login using Telnet instead of "Password" I should get "Correct Password".
Thanks,
Vineet (3 Replies)
Discussion started by: vineetd
3 Replies
8. Solaris
Hi All,
I have created a new user. Using the below command I have created the user successfully.
useradd -c "Test user" -d /tmp/test -g Testgroup -s /bin/ksh -u 601 Test
I don't want to set the password using “passwd” command after creating a user.
I want to prompt for the new... (2 Replies)
Discussion started by: kalpeer
2 Replies
9. UNIX for Dummies Questions & Answers
hi,
i have a requirement where i need to sudo to another user in the shell script.suppose consider user A and B, first user A calls a shell script and then i need to sudo to user B which executes another shell script inside the earlier one.
also this needs to be automated like while sudo'ing to... (3 Replies)
Discussion started by: krk
3 Replies
LEARN ABOUT NETBSD
pam_ssh
PAM_SSH(8) BSD System Manager's Manual PAM_SSH(8)
NAME
pam_ssh -- authentication and session management with SSH private keys
SYNOPSIS
[service-name] module-type control-flag pam_ssh [options]
DESCRIPTION
The SSH authentication service module for PAM provides functionality for two PAM categories: authentication and session management. In terms
of the module-type parameter, they are the ``auth'' and ``session'' features.
SSH Authentication Module
The SSH authentication component provides a function to verify the identity of a user (pam_sm_authenticate()), by prompting the user for a
passphrase and verifying that it can decrypt the target user's SSH key using that passphrase.
The following options may be passed to the authentication module:
use_first_pass If the authentication module is not the first in the stack, and a previous module obtained the user's password, that password
is used to authenticate the user. If this fails, the authentication module returns failure without prompting the user for a
password. This option has no effect if the authentication module is the first in the stack, or if no previous modules
obtained the user's password.
try_first_pass This option is similar to the use_first_pass option, except that if the previously obtained password fails, the user is
prompted for another password.
nullok Normally, keys with no passphrase are ignored for authentication purposes. If this option is set, keys with no passphrase
will be taken into consideration, allowing the user to log in with a blank password.
SSH Session Management Module
The SSH session management component provides functions to initiate (pam_sm_open_session()) and terminate (pam_sm_close_session()) sessions.
The pam_sm_open_session() function starts an SSH agent, passing it any private keys it decrypted during the authentication phase, and sets
the environment variables the agent specifies. The pam_sm_close_session() function kills the previously started SSH agent by sending it a
SIGTERM.
The following options may be passed to the session management module:
want_agent Start an agent even if no keys were decrypted during the authentication phase.
FILES
$HOME/.ssh/identity SSH1 RSA key
$HOME/.ssh/id_rsa SSH2 RSA key
$HOME/.ssh/id_dsa SSH2 DSA key
$HOME/.ssh/id_ecdsa SSH2 ECDSA key
SEE ALSO
ssh-agent(1), pam.conf(5), pam(8)
AUTHORS
The pam_ssh module was originally written by Andrew J. Korty <ajk@iu.edu>. The current implementation was developed for the FreeBSD Project
by ThinkSec AS and NAI Labs, the Security Research Division of Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035
(``CBOSS''), as part of the DARPA CHATS research program. This manual page was written by Mark R V Murray <markm@FreeBSD.org>.
SECURITY CONSIDERATIONS
The pam_ssh module implements what is fundamentally a password authentication scheme. Care should be taken to only use this module over a
secure session (secure TTY, encrypted session, etc.), otherwise the user's SSH passphrase could be compromised.
Additional consideration should be given to the use of pam_ssh. Users often assume that file permissions are sufficient to protect their SSH
keys, and thus use weak or no passphrases. Since the system administrator has no effective means of enforcing SSH passphrase quality, this
has the potential to expose the system to security risks.
BSD
December 16, 2011 BSD