03-31-2010
At my job we have the ability to ssh into over 80 servers and shut them down using "sudo /etc/shutdown -y -g0".
10 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
NT CONSULTANT IS NEAR TOTAL UNIX NEWBIE! Please help!
I would like detailed info about how to remotely connect a PC running win'98 that is not on a local network to a unix server which is locally networked to other PCs?
Would like to know how to:
Move files back and forth?
Mount... (2 Replies)
Discussion started by: Kagor
2 Replies
2. UNIX for Advanced & Expert Users
hi,
could anyone tell me that how can i use a remote CD drive for installing solaris , cause my local Drive has peroblem.
tell me the steps one by one.
Rgrds,
nikk:confused: (6 Replies)
Discussion started by: nikk
6 Replies
3. Shell Programming and Scripting
I need to rsh to many machines and run an " if statement' that checks the versions of the OS and if up to date it tee -a to a file called "uptodate"..then if not update, it tee -a to file called "notuptodate" on my machine
the command that checks the version is cat /etc/version.
now the output... (1 Reply)
Discussion started by: dxrmroue
1 Replies
4. Shell Programming and Scripting
Hello,
We have a domain where instances attached to it are in multiple machines. Is there any way that I can get the process information of the domain of a secondary server from the primary.
ssh authentication is enabled on the functional ID and if I scsu to that ID and do the ssh: $ssh machine2... (0 Replies)
Discussion started by: chiru_h
0 Replies
5. Shell Programming and Scripting
Hi All,
I have a script to be executed in another machine. I connect to that machine from another server as a root ( this is the only configured access, as i cannot log in as a normal user). After that I have to switch to a normal user and that I can be able to executge that script. But all this... (12 Replies)
Discussion started by: elthox
12 Replies
6. Shell Programming and Scripting
I need to upload tar or zip files to a unix server than unzip or untar them remotely. Any suggestions on the easiest way to do the remote untar or unzip? For example does someone know of a cgi script or something?
Thanks -jz (3 Replies)
Discussion started by: jwzumwalt
3 Replies
7. Shell Programming and Scripting
Hi there
I am trying to add up the disk space used on a remote linux box but am falling at the first hurdle i.e isolating the 'space used' column with df -k on the remote box
if i run this, i get the df -k output as expected
# rsh remote-server 'df -k|grep sd|grep -v boot'
/dev/sda3 ... (8 Replies)
Discussion started by: hcclnoodles
8 Replies
8. UNIX for Dummies Questions & Answers
I have Oracle 9i R2 on AIX 5.2. My Database is running in shared server mode (MTS).
Sometimes when I shutdown the database it shutsdown cleanly in 4-5 mints and sometimes it takes good 15-20 minutes and then I get some ora-600 errors and only way to shutdown is by opening another session and... (7 Replies)
Discussion started by: aixhp
7 Replies
9. What is on Your Mind?
I have been wondering how do Systems Administrators do the jump into Systems Engineering? Is it only a matter of time and experience or could I actually help myself get there?
Opinions? Books I could read?
Thanks a lot for your help! (0 Replies)
Discussion started by: svalenciatech
0 Replies
10. Solaris
Hello. I am trying to ssh and run a script from a remote computer. These computers will be both Windows and MACs. I am using Solaris 8 and what I have tried is:
using putty
ssh user@ip_address (remote command) /folder/folder/filename.sh
The issue here is that the user profile has not... (3 Replies)
Discussion started by: jkmtm
3 Replies
LEARN ABOUT CENTOS
pam_ssh_agent_auth
pam_ssh_agent_auth(8) PAM pam_ssh_agent_auth(8)
PAM_SSH_AGENT_AUTH
This module provides authentication via ssh-agent. If an ssh-agent listening at SSH_AUTH_SOCK can successfully authenticate that it has
the secret key for a public key in the specified file, authentication is granted, otherwise authentication fails.
SUMMARY
/etc/pam.d/sudo: auth sufficient pam_ssh_agent_auth.so file=/etc/security/authorized_keys
/etc/sudoers:
Defaults env_keep += "SSH_AUTH_SOCK"
This configuration would permit anyone who has an SSH_AUTH_SOCK that manages the private key matching a public key in
/etc/security/authorized_keys to execute sudo without having to enter a password. Note that the ssh-agent listening to SSH_AUTH_SOCK can
either be local, or forwarded.
Unlike NOPASSWD, this still requires an authentication, it's just that the authentication is provided by ssh-agent, and not password entry.
ARGUMENTS
file=<path to authorized_keys>
Specify the path to the authorized_keys file(s) you would like to use for authentication. Subject to tilde and % EXPANSIONS (below)
allow_user_owned_authorized_keys_file
A flag which enables authorized_keys files to be owned by the invoking user, instead of root. This flag is enabled automatically
whenever the expansions %h or ~ are used.
debug
A flag which enables verbose logging
sudo_service_name=<service name you compiled sudo to use>
(when compiled with --enable-sudo-hack)
Specify the service name to use to identify the service "sudo". When the PAM_SERVICE identifier matches this string, and if PAM_RUSER
is not set, pam_ssh_agent_auth will attempt to identify the calling user from the environment variable SUDO_USER.
This defaults to "sudo".
EXPANSIONS
~ -- same as in shells, a user's Home directory
Automatically enables allow_user_owned_authorized_keys_file if used in the context of ~/. If used as ~user/, it would expect the file
to be owned by 'user', unless you explicitely set allow_user_owned_authorized_keys_file
%h -- User's Home directory
Automatically enables allow_user_owned_authorized_keys_file
%H -- The short-hostname
%u -- Username
%f -- FQDN
EXAMPLES
in /etc/pam.d/sudo
"auth sufficient pam_ssh_agent_auth.so file=~/.ssh/authorized_keys"
The default .ssh/authorized_keys file in a user's home-directory
"auth sufficient pam_ssh_agent_auth.so file=%h/.ssh/authorized_keys"
Same as above.
"auth sufficient pam_ssh_agent_auth.so file=~fred/.ssh/authorized_keys"
If the home-directory of user 'fred' was /home/fred, this would expand to /home/fred/.ssh/authorized_keys. In this case, we have not
specified allow_user_owned_authorized_keys_file, so this file must be owned by 'fred'.
"auth sufficient pam_ssh_agent_auth.so file=/secure/%H/%u/authorized_keys allow_user_owned_authorized_keys_file"
On a host named foobar.baz.com, and a user named fred, would expand to /secure/foobar/fred/authorized_keys. In this case, we specified
allow_user_owned_authorized_keys_file, so fred would be able to manage that authorized_keys file himself.
"auth sufficient pam_ssh_agent_auth.so file=/secure/%f/%u/authorized_keys"
On a host named foobar.baz.com, and a user named fred, would expand to /secure/foobar.baz.com/fred/authorized_keys. In this case, we
have not specified allow_user_owned_authorized_keys_file, so this file must be owned by root.
v0.8 2009-08-09 pam_ssh_agent_auth(8)