11-11-2010
how about setting SSH keys between the hosts?
10 More Discussions You Might Find Interesting
1. Shell Programming and Scripting
Hi All,
I'm looking for a script to change root password for about 200 servers of both Solaris and Linux. I'm not very good at scripting, can anyone share a script if you already have one?
:) (3 Replies)
Discussion started by: kvadivel80
3 Replies
2. Shell Programming and Scripting
Hi Friends.
I am new to scripting now i want to change the root password using the script with standard password.
which is the easy scripting to learn for the beginner, Thanks in advance. (2 Replies)
Discussion started by: kurva
2 Replies
3. Solaris
Hello All,
I have several solaris boxes running Solaris 8. When changing root passwords on them, all will simply ask for the new root password to change and of course to re-type the new password. One of the systems however asks for the existing root password before it will display the new password... (8 Replies)
Discussion started by: tferrazz
8 Replies
4. Shell Programming and Scripting
HI I 'm new shall script and unix. I want to create script for change password root by ssh-keygen command . I have 50 servers and I want ot login ot the servers via ssh by type ones password and can login every machines.The script ssh-keygen must ot generate key every weekly than it send new... (2 Replies)
Discussion started by: pellnapook
2 Replies
5. Shell Programming and Scripting
Hi Everybody,
I am trying to write a script (ksh) to connect to oracle db via sqlplus.
As I do not want the password to be in plain text, I've tried to use java to encrypt and decrypt it but I am not sure how can I pass the decrypted password to the script. Pls advise.
Below is what I would... (1 Reply)
Discussion started by: Nick1971
1 Replies
6. UNIX for Advanced & Expert Users
Hi all,
I have a simple script to check the CPU, Swap Memory and Hard Disk. But I can auto assign password in the script to automatic run it in crontab.
Everytime when I run this script, it require to insert password like the message below :
How can I solve this problem ? (2 Replies)
Discussion started by: cafecoc85
2 Replies
7. Shell Programming and Scripting
Hello,
I am using below command but this is asking for tty
c42dba {/home/oracle}: echo sersnp | su -c ggs
standard in must be a tty
Best regards,
Vishal (4 Replies)
Discussion started by: admin_db
4 Replies
8. Red Hat
Hi Guys
In red hat linux server is there a way to alert via email when the root password is about to expire ?
As per security policy in our environment root password will expire in 90 days.
Example : It would be better if we receive a email on 7th november stating that the root password... (1 Reply)
Discussion started by: newtoaixos
1 Replies
9. Shell Programming and Scripting
Hello,
I have list of around 400 devices. I need to restart a service /etc/init.d/psap23.sh in all of them, but it should restart by root only.
Those have some other kind of light Linux. There is no sudo package in that and we can't/shouldn't install. Direct root login is not allowed. I login... (5 Replies)
Discussion started by: solaris_1977
5 Replies
10. UNIX for Beginners Questions & Answers
Hello everyone,
I want to check how long a remote computer is running (e.g. with the command uptime or who - b)
The check should be done during login from none root user by a script which is called from .cshrc. My script works fine if I login as root but I want that everybody get the information... (5 Replies)
Discussion started by: Nadielosabra
5 Replies
LEARN ABOUT DEBIAN
pam_ssh
PAM_SSH(8) BSD System Manager's Manual PAM_SSH(8)
NAME
pam_ssh -- authentication and session management with SSH private keys
DESCRIPTION
The SSH authentication service module for PAM, pam_ssh provides functionality for two PAM categories: authentication and session management.
SSH Authentication Module
The SSH authentication component verifies the identity of a user by prompting the user for a passphrase and verifying that it can decrypt at
least one of the user's SSH login keys using that passphrase.
The following options may be passed to the authentication module:
debug syslog(3) debugging information at LOG_DEBUG level.
use_first_pass If the authentication module is not the first in the stack, and a previous module obtained the user's password, then
that password is used to decrypt the user's SSH login keys. If this fails, then the authentication module returns
failure without prompting the user for a passphrase.
try_first_pass Similar to the use_first_pass option, except that if the previously obtained password fails to decrypt any of the SSH
login keys, then the user is prompted for an SSH passphrase.
try_first_pass has no effect if pam_ssh is the first module on the stack, or if no previous modules obtained the
user's password.
allow_blank_passphrase Allow SSH keys with no passphrase.
If neither use_first_pass nor try_first_pass is specified, pam_ssh will unconditionally ask for an SSH passphrase.
In addition to the above authentication procedure, all standard SSH keys (identity, id_rsa, id_dsa) for which the obtained password matches
will be decrypted.
SSH Session Management Module
The SSH session management component initiates sessions by starting an SSH agent, passing it any SSH login keys it decrypted during the
authentication phase, and sets the environment variables accordingly.
The SSH session management component terminates the session by killing the previously started SSH agent by sending it a SIGTERM.
The following options may be passed to the session management module:
debug syslog(3) debugging information at LOG_DEBUG level.
INFORMATION LEAKS
Be careful with the using the try_first_pass option when pam_ssh is the first authentication module because it will then leak information
about existing users without login keys: such users will not be asked for a specific SSH passphrase, whereas non-existing users and existing
users with login keys will be asked for a passphrase.
FILES
$HOME/.ssh/identity
$HOME/.ssh/id_rsa
$HOME/.ssh/id_dsa OpenSSH DSA/RSA keys decrypted by pam_ssh.
$HOME/.ssh/login-keys.d/ Location of (possibly symbolic links to) OpenSSH DSA/RSA keys used for authentication and decrypted by pam_ssh.
/var/log/auth.log Usual log file for syslog(3)
SEE ALSO
ssh-agent(1), syslog(3), pam.conf(5), pam(8).
AUTHORS
Andrew J. Korty <ajk@iu.edu> wrote pam_ssh. Dag-Erling Smorgrav wrote the original OpenPAM support code. Mark R V Murray wrote the original
version of this manual page. Jens Peter Secher introduced the login-key concept.
BSD
November 26, 2001 BSD