08-26-2011
Hmmm... I was going to post that this would be hard without exposing a plethora of security issues. However, it is conceivable that the jsp invokes a shell on the local platform that can use a passphraseless private key to go keyless into the target platform of the user. Every other thing I could imagine gets into way too many security issues. And yes... doing the su to the user in my example opens up security issues.... I'm open to listening to better approaches though. If possible, regardless of approach, I auth the user by some other means and become the role of the user instead of trying to pass the password on down... just saying...
10 More Discussions You Might Find Interesting
1. Shell Programming and Scripting
hello friends,
I have problem. We want to create user from jsp(browser based) on our linux server. How we can do that ? or How do we create a user with shell programming by taking arguments and checking with the existing users and if the user exist it should display the message the user exists... (1 Reply)
Discussion started by: jarkvarma
1 Replies
2. Shell Programming and Scripting
Hi. I have a kornshell script that runs on a daily basis as a cron job. Part of what the script does is copy the folder contents from another server to the current server (server where KSH script is running).
I have a scp command, as follows:
scp $REMOTE_HOST:$REMOTE_FILE_DIR/* $TMP_DIR
... (8 Replies)
Discussion started by: dmilks
8 Replies
3. Shell Programming and Scripting
Hi,
I am new to Shell Scripting. Can anybody help me in writing a Script Which Could Login from a Unix box to a Remote Unix box which accepts the user credentials automatically and display the result for checking the Disk Space Utilisation (Without running any SSH agent). (1 Reply)
Discussion started by: ajith_tg
1 Replies
4. Shell Programming and Scripting
I want to invoke shell script named bubesh.sh when submit button clicked on html/jsp page.I am using an apache server and the html & shell script are in the same working directory.Please help. (2 Replies)
Discussion started by: bubeshj
2 Replies
5. Shell Programming and Scripting
Hi all,
I'm writing a script that chooses the best computer available in an open lab. The script works great except every now and then there is a dead computer in the lab that begins the ssh handshaking, but freezes after the following:
debug1: Offering public key:
When the script happens... (2 Replies)
Discussion started by: x-375HK-x
2 Replies
6. Shell Programming and Scripting
Hi Guys!
I am trying to write a shell script for automated ssh. vairable user and passwd have initialized correctly, but when I use the following it still prompting me for the password.
#!/usr/bin/bash
user='root@10.14.76.225'
passwd='admin'
ssh $user
$passwd
uptime
exit
I... (3 Replies)
Discussion started by: pinpe
3 Replies
7. Shell Programming and Scripting
Hi all,
I need ssh in shell script. My requirement is:
- Take user_name and password from user (in PHP)
- Pass this to shell script which will:
- connect via ssh
- Run sql query
- Pass the results back in PHP
- Put the results to website.
I know PHP has libraries for ssh and ftp, but... (3 Replies)
Discussion started by: shekhar2010us
3 Replies
8. Shell Programming and Scripting
Hello,
I use the following SSH script to upload *.jpg files via FTP:
#!/usr/bin/expect
set timeout -1
spawn ftp -v -i
expect ""
send "\r"
expect "Password:"
send "\r"
expect "ftp>"
send "mput *.jpg\r"
expect "ftp>"
send "quit\r"
replaced with actual ftp server/account data.
... (5 Replies)
Discussion started by: mrpi007
5 Replies
9. UNIX for Dummies Questions & Answers
Hey,
I need a script that tries to connect via SSH to a remote server
and that remote server might not be up yet, so retry until succeed
the error message I get if the server is not up yet is:
ssh: connect to host 127.0.0.1 port 40001: Connection refused
any idea of a good way to do it ?
... (5 Replies)
Discussion started by: OdedOvdat
5 Replies
10. UNIX for Beginners Questions & Answers
Hi,
I want to validate ssh connection one after one for multiple servers..... password less keys already setup but now i want to validate if ssh is working fine or not...
I have .sh script like below and i have servers.txt contains all the list of servers
#/bin/bash
for host in $(cat... (3 Replies)
Discussion started by: sreeram4
3 Replies
auth(5) File Formats Manual auth(5)
Name
auth - auth database
Description
The database is a repository of security-relevant information about each user of the system. This database contains the encrypted password
associated with the user's account in addition to a list of assorted capabilities. The database is stored as an database in the files and
Records are retrieved with the library routine. Access to the database is restricted to the superuser and members of the group
Auth records may be converted to an ASCII representation whose format is:
1000:4KvidFYwovnwp3j8lll78dC1:1920129:3600:2678400:03:0:1000:0:00:00
The first field is the UID of the entry that is used as the key into the database. Then follows:
Encrypted Password
This is the user's encrypted password. Whether this password or the one from the file is actually used is determined by the
security level that the system is running at.
Password Modification Time
This is the time(2) the password was last set.
Minimum Password Lifetime
This is the minimum number of seconds which must elapse between setting passwords.
Maximum Password Lifetime
This is the maximum period of time for which the password will be valid.
Account Mask These are capabilities pertaining to the account itself. They are:
1 A_ENABLE: this account is enabled.
2 A_CHANGE_PASSWORD: The user can change his or her password.
4 A_ENTER_PASSWORD: The user is not required to use machine-generated passwords.
Login Failure Count
This is the count of unsuccessful login attempts since the last successful login.
Audit ID Positive integer identifier used in generating audit records for the user.
Audit Control See the reference page, SET_APROC_CNTL section for more information.
Audit Mask Determines which events will be audited for the user. See the and reference pages for more information.
Restrictions
Only the superuser and members of the group may read information from the auth database. Only the superuser may modify the auth database.
Files
See Also
audcntl(2), getauthuid(3), getpwent(3), edauth(8)
auth(5)