|
|
Sponsored Content
Top Forums
Shell Programming and Scripting
Setup multiple passwordless authentication
Post 302387065 by frans on Thursday 14th of January 2010 11:00:16 AM
01-14-2010
Quote:
Thanks..I did google about the command .
I am not sure whether this would help me in setting up passwordless authentication between one source and multiple destination.
If I am not wrong, it would still require the passwords of the destination machines while running this script.
I am not sure whether this would help me in setting up passwordless authentication between one source and multiple destination.
If I am not wrong, it would still require the passwords of the destination machines while running this script.
The only other way would be to transfer the key (and set appropriate permissions) from an USB key hard-plugged on the server
|
|
10 More Discussions You Might Find Interesting
1. AIX
I am trying to implement passwordless authentication via ssh2. I have used the well documented technique of generating a key pair with a blank passphrase on my client machine, and installing the public key on the destination server (AIX 5.3) in the user's .ssh2 directory. I have used this technique... (1 Reply)
Discussion started by: RegX
1 Replies
2. AIX
Hello,
I would like to issue a couple of commands as root on a remote machine without having to enter the root password. I used "ssh-keygen -t rsa" to generate the encryption keys, copied the public key to the remote machine, etc.
I also tried playing around with the sshd_config file and... (3 Replies)
Discussion started by: sphericon
3 Replies
3. Shell Programming and Scripting
Dear All
I need to discuss about the problem which has been discussed so many times here. I need to transfer a file from server A to server B via passwordless SFTP script. By reading the threads on this topic here, I followed the below steps but still it's not working ..
Pls find the steps... (13 Replies)
Discussion started by: uday.shankar
13 Replies
4. Shell Programming and Scripting
Hey all,
I have a script that I use for some automated installs. Unfortunately for the script to work the server that it's running from needs to have host-key authentication setup to the target server. If it isn't setup beforehand and the script is executed the install partially completes and... (1 Reply)
Discussion started by: Rike255
1 Replies
5. Red Hat
Hello,
Need a suggestion to setup private key passwordless authentication. I am not sure this can done or not :wall:
here is the sincerio
I have two servers, sever1 with a user "user1" and servera with usera
here dataflow: usera from servera, will pull/push files to server1 on user1... (2 Replies)
Discussion started by: bobby320
2 Replies
6. Shell Programming and Scripting
Hello Unix scripters,
I have created a small tool that i can distribute to users to check whether they have passwordless login to a list of servers.
The problem in my code below is if user do not have the passwordless login yet, it will prompt them with a password login and my message below... (2 Replies)
Discussion started by: ryandegreat25
2 Replies
7. Ubuntu
Unable to set ssh passwordless authentication
I am unable to ssh with passwordless authentication from Windows client onto UBuntu server. The ssh version on UBuntu is OpenSSH_5.8p1 Debian-7ubuntu1, OpenSSL 1.0.0e , while SSH on Windows Client is OpenSSH_5.1p1, OpenSSL 0.9.8k. I turned on ssh... (5 Replies)
Discussion started by: tkota
5 Replies
8. UNIX for Dummies Questions & Answers
after copying the public key then also the passwordless authentication is not working
Best regards,
Vishal (2 Replies)
Discussion started by: Vishal_dba
2 Replies
9. Shell Programming and Scripting
Hi,
I am in the process FTPing some of my report files from my production server to another FTP server through batch/Shell Script.
This is working fine with the password less authentication.
Once i place all my report files in the ftp server the end users need to download ... (3 Replies)
Discussion started by: Showdown
3 Replies
10. Shell Programming and Scripting
Hey team
I have to enable password less authentication betweeen A to B server and A to C server and A to D server.
For this I generated a ssh key on server A using ssh-keygen command and copied the key using ssh-copy-id command to B, C and D server. Everything is working fine as of now but... (5 Replies)
Discussion started by: Sandeep_sandy
5 Replies
LEARN ABOUT XFREE86
kas_setpassword
KAS_SETPASSWORD(8) AFS Command Reference KAS_SETPASSWORD(8) NAME kas_setpassword - Changes the key field in an Authentication Database entry SYNOPSIS kas setpassword -name <name of user> [-new_password <new password>] [-kvno <key version number>] [-admin_username <admin principal to use for authentication>] [-password_for_admin <admin password>] [-cell <cell name>] [-servers <explicit list of authentication servers>+] [-noauth] [-help] kas setpasswd -na <name of user> [-ne <new password>] [-k <key version number>] [-a <admin principal to use for authentication>] [-p <admin password>] [-c <cell name>] [-s <explicit list of authentication servers>+] [-no] [-h] kas setp -na <name of user> [-ne <new password>] [-k <key version number>] [-a <admin principal to use for authentication>] [-p <admin password>] [-c <cell name>] [-s <explicit list of authentication servers>+] [-no] [-h] kas sp -na <name of user> [-ne <new password>] [-k <key version number>] [-a <admin principal to use for authentication>] [-p <admin password>] [-c <cell name>] [-s <explicit list of authentication servers>+] [-no] [-h] DESCRIPTION The kas setpassword command accepts a character string of unlimited length, scrambles it into a form suitable for use as an encryption key, places it in the key field of the Authentication Database entry named by the -name argument, and assigns it the key version number specified by the -kvno argument. To avoid making the password string visible at the shell prompt, omit the -new_password argument. Prompts then appear at the shell which do not echo the password visibly. When changing the afs server key, also issue bos addkey command to add the key (with the same key version number) to the /etc/openafs/server/KeyFile file. See the OpenAFS Administration Guide for instructions. The command interpreter checks the password string subject to the following conditions: o If there is a program called kpwvalid in the same directory as the kas binary, the command interpreter invokes it to process the password. For details, see kpwvalid(8). o If the -reuse argument to the kas setfields command has been used to prohibit reuse of previous passwords, the command interpreter verifies that the password is not too similar too any of the user's previous 20 passwords. It generates the following error message at the shell: Password was not changed because it seems like a reused password To prevent a user from subverting this restriction by changing the password twenty times in quick succession (manually or by running a script), use the -minhours argument on the kaserver initialization command. The following error message appears if a user attempts to change a password before the minimum time has passed: Password was not changed because you changed it too recently; see your systems administrator OPTIONS -name <name of user> Names the entry in which to record the new key. -new_password <new password> Specifies the character string the user types when authenticating to AFS. Omit this argument and type the string at the resulting prompts so that the password does not echo visibly. Note that some non-AFS programs cannot handle passwords longer than eight characters. -kvno <key version number> Specifies the key version number associated with the new key. Provide an integer in the range from 0 through 255. If omitted, the default is 0 (zero), which is probably not desirable for server keys. -admin_username <admin principal> Specifies the user identity under which to authenticate with the Authentication Server for execution of the command. For more details, see kas(8). -password_for_admin <admin password> Specifies the password of the command's issuer. If it is omitted (as recommended), the kas command interpreter prompts for it and does not echo it visibly. For more details, see kas(8). -cell <cell name> Names the cell in which to run the command. For more details, see kas(8). -servers <authentication servers>+ Names each machine running an Authentication Server with which to establish a connection. For more details, see kas(8). -noauth Assigns the unprivileged identity "anonymous" to the issuer. For more details, see kas(8). -help Prints the online help for this command. All other valid options are ignored. EXAMPLES In the following example, an administrator using the "admin" account changes the password for "pat" (presumably because "pat" forgot the former password or got locked out of his account in some other way). % kas setpassword pat Password for admin: new_password: Verifying, please re-enter new_password: PRIVILEGE REQUIRED Individual users can change their own passwords. To change another user's password or the password (server encryption key) for server entries such as "afs", the issuer must have the "ADMIN" flag set in his or her Authentication Database entry. SEE ALSO bos_addkey(8), kas(8), kaserver(8), kpwvalid(8) COPYRIGHT IBM Corporation 2000. <http://www.ibm.com/> All Rights Reserved. This documentation is covered by the IBM Public License Version 1.0. It was converted from HTML to POD by software written by Chas Williams and Russ Allbery, based on work by Alf Wachsmann and Elizabeth Cassell. OpenAFS 2012-03-26 KAS_SETPASSWORD(8)