Do you have any other requirements you failed to mention? It makes answers impossible without knowing all the requirements. Your sudo problem does sound like you may not have set up sudoers correctly.
Short answer to part b: set up ssh keys for that user in another account's .ssh directory. the remote account has operator access. Operator access is defined by a special group usually.
This allows you user to do whatever without doing more than typing ssh
I want to add a new IP service which executes a script on SCO OS5.
I have amended /etc/services and added to port number (3333)
I have amended /etc/inetd.conf and added a line for this service but I can't get it to execute my own shell script
When I telnet to the IP address on port 3333 I... (1 Reply)
I have been reading and implementing the tasks of nfs admin on the sun docs website but my nfs is still not working. Seems like the instructions on website just end all of a sudden without completing the instructions.
Anycase, this is what i have checked/did. We had nfs filesystem before our... (1 Reply)
Hi,
I have administrative groups: group1, group2, group3.
If a regular user have one of these group. Does it mean he is an administrator like root?
What's the priveleges of administrative groups?
Thanks in advance,
itik (0 Replies)
Hi ,
Could you please give me the commands for the following.
1.list users who have direct access to solaris database at os-level
2.list users who have administrative access at os-level in solaris
Please also let me know how to figure out these specific users i need from a... (6 Replies)
OS Version: Sun Solaris version 9
Other than root, we need operation to manage printer queue by using following command:
lprm -P
cancel
enable/disable
What privilege should be given?
Pls advise.
Thank you. (4 Replies)
hi,
how can i assign a crontab to my username "user1", here is my current list details;
$ who
root console Nov 15 14:38
user1 pts/1 Dec 14 21:07 (192.168.1.75)
$ pwd
/etc/cron.d
$ ls -alh
total 20
drwxr-xr-x 2 root sys 512 Nov 15 14:37 .... (3 Replies)
Hi,
It's actually strange, but Is there any way through which I can assign super user rights to normal user.
Actually su/sudo/rbac does solve these but switching id is the problem for an application.
For eg: $dladm show-dev
insufficient priviliges.
Is there any way to get it done ?
... (8 Replies)
What I am doing is creating a top menu, which a user will select a choice with a number entry. That number corresponds to a string in an array. I then want to assign that response to another array I've already declared.
For example:
#!/bin/bash
colors=(red blue yellow)
red=(cherry fire)... (2 Replies)
Discussion started by: Akilleez
2 Replies
LEARN ABOUT HPUX
ssh-keysign
ssh-keysign(1M)ssh-keysign(1M)NAME
ssh-keysign - ssh helper program for host-based authentication
SYNOPSIS
ssh-keysign
ssh-keysign is used by ssh(1) to access the local host keys and generate the digital signature required during host-based authentication
with SSH protocol version 2. This signature is of data that includes, among other items, the name of the client host and the name of the
client user.
ssh-keysign is disabled by default and can be enabled only in the global client configuration file /etc/ssh/ssh_config by setting Host-
basedAuthentication to yes.
ssh-keysign is not intended to be invoked by the user, but from ssh. See ssh(1) and sshd(1M) for more information about host-based authen-
tication.
/etc/ssh/ssh_config
Controls whether ssh-keysign is enabled.
/etc/ssh/ssh_host_dsa_key
/etc/ssh/ssh_host_rsa_key
These files contain the private parts of the host keys used to generate the digital signature. They should be owned by root, readable
only by root, and not accessible to others. Because they are readable only by root, ssh-keysign must be set-uid root if host-based
authentication is used.
ssh-keysign will not sign host-based authentication data under the following conditions:
o If the HostbasedAuthentication client configuration parameter is not set to yes in /etc/ssh/ssh_config. This setting cannot be overri-
den in users' ~/.ssh/ssh_config files.
o If the client hostname and username in /etc/ssh/ssh_config do not match the canonical hostname of the client where ssh-keysign is
invoked and the name of the user invoking ssh-keysign.
In spite of ssh-keysign's restrictions on the contents of the host-based authentication data, there remains the ability of users to use it
as an avenue for obtaining the client's private host keys. For this reason host-based authentication is turned off by default.
See attributes(5) for descriptions of the following attributes:
+-----------------------------+-----------------------------+
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
+-----------------------------+-----------------------------+
|Availability |SUNWsshu |
+-----------------------------+-----------------------------+
|Interface Stability |Evolving |
+-----------------------------+-----------------------------+
ssh(1), sshd(1M), ssh_config(4), attributes(5)AUTHORS
Markus Friedl, markus@openbsd.org
HISTORY
ssh-keysign first appeared in Ox 3.2.
9 Jun 2004 ssh-keysign(1M)