This script does not prompt for a password:
...that script will happily perform the rsync and then print the listing of a directory on remote-box. SSH and rsync do not require a password because I have DSA keys installed.
This script does prompt for a password:
...when I run that script, it pauses and prints:
host1 & host2 : Solaris 10 - SPARC server
From host1 able to ssh to host2 as same user with out password prompt. But, when ssh to different user in
host2, it prompts for password
DETAILS
=======
In host1:
1) logged as root
2) ssh-keygen -t dsa -b 1024 (no pass phrase)
3)... (5 Replies)
Hello everybody,
Say I forgot my root password (shit happens, no?) and I'd like to brutally try 100 possibilities to delete a file using sudo. How can I make a script that tries all the passwords?
The following doesn't work. Do you have a clue?
foo:~$ cat test
sudo rm dummy <<< 'password'
echo... (1 Reply)
Hello
I have a partition with Aix 5.3 and I install sudo
I put the commands that I want to use x user and I put the option that donkask for password.
But when I run with this user and I try to run that commands. ask me for a password.
I put this line for no ask for password with that... (2 Replies)
I setup the keys between 2 servers, but my user account has no password specified for it (never set one up on the account for security reasons). When I try to SSH to the server, SSH prompts for a password that doesn't exist (so I can never connect successfully).
Note: 'passwd -d Rynok' removes... (3 Replies)
Hi! I'm very new to unix, so please keep that in mind with the level of language used if you choose to help :D Thanks!
When attempting to use sudo on and AIX machine with oslevel 5.1.0.0, I get the following error:
exec(): 0509-036 Cannot load program sudo because of the following errors:... (1 Reply)
Hi
While doing the following command password is gettin dispalyed :
ssh <host> "sudo command ; exit"
....
while i type my password for 2nd its gettin displayed ...
i tried stty -echo and stty echo
...
still i am havin problem..:confused: (1 Reply)
Little confused here
When i go to run sudo nohup ./script.ksh &
I dont get asked for a password.
It starts a process ID, I can see it when i do a ps -ef | grep script.
But I dont get an output file from my script, so its not doing anything.
What gives?
does it have to do the "&" ?
... (4 Replies)
I am not sure what I am missing here. I have the following identical entry in /etc/sudoers on multiple Red Hat 6.4 servers.
icinga ALL=NOPASSWD:/usr/bin/yum --security --exclude\="kernel*" check-update
On one server when I enter the command over SSH as follows it works fine.
ssh -t -q... (1 Reply)
I am trying to run a command. This is one of my attempts:
for i in fileservera; do ssh -t $i 'sudo ls /';doneThis works, and I see the directories. However, what I want to do now is start a process on the remote server such as /usr/bin/connectproc -standalonesudo /usr/bin/connectproc... (1 Reply)
in the /etc/sudoer file this line was added:
wtolentino ALL=(ORACLE) NOPASSWD: /bin/chmod
when i tried to run this command
sudo -u oracle /bin/chmod 775 /appshared/applications/lpa/executables/chrpt001.rep
it prompts me for a password
for example:
$ pwd
/appshared/applications/lpa... (2 Replies)
Discussion started by: wtolentino
2 Replies
LEARN ABOUT CENTOS
pam_ssh_agent_auth
pam_ssh_agent_auth(8) PAM pam_ssh_agent_auth(8)PAM_SSH_AGENT_AUTH
This module provides authentication via ssh-agent. If an ssh-agent listening at SSH_AUTH_SOCK can successfully authenticate that it has
the secret key for a public key in the specified file, authentication is granted, otherwise authentication fails.
SUMMARY
/etc/pam.d/sudo: auth sufficient pam_ssh_agent_auth.so file=/etc/security/authorized_keys
/etc/sudoers:
Defaults env_keep += "SSH_AUTH_SOCK"
This configuration would permit anyone who has an SSH_AUTH_SOCK that manages the private key matching a public key in
/etc/security/authorized_keys to execute sudo without having to enter a password. Note that the ssh-agent listening to SSH_AUTH_SOCK can
either be local, or forwarded.
Unlike NOPASSWD, this still requires an authentication, it's just that the authentication is provided by ssh-agent, and not password entry.
ARGUMENTS
file=<path to authorized_keys>
Specify the path to the authorized_keys file(s) you would like to use for authentication. Subject to tilde and % EXPANSIONS (below)
allow_user_owned_authorized_keys_file
A flag which enables authorized_keys files to be owned by the invoking user, instead of root. This flag is enabled automatically
whenever the expansions %h or ~ are used.
debug
A flag which enables verbose logging
sudo_service_name=<service name you compiled sudo to use>
(when compiled with --enable-sudo-hack)
Specify the service name to use to identify the service "sudo". When the PAM_SERVICE identifier matches this string, and if PAM_RUSER
is not set, pam_ssh_agent_auth will attempt to identify the calling user from the environment variable SUDO_USER.
This defaults to "sudo".
EXPANSIONS
~ -- same as in shells, a user's Home directory
Automatically enables allow_user_owned_authorized_keys_file if used in the context of ~/. If used as ~user/, it would expect the file
to be owned by 'user', unless you explicitely set allow_user_owned_authorized_keys_file
%h -- User's Home directory
Automatically enables allow_user_owned_authorized_keys_file
%H -- The short-hostname
%u -- Username
%f -- FQDN
EXAMPLES
in /etc/pam.d/sudo
"auth sufficient pam_ssh_agent_auth.so file=~/.ssh/authorized_keys"
The default .ssh/authorized_keys file in a user's home-directory
"auth sufficient pam_ssh_agent_auth.so file=%h/.ssh/authorized_keys"
Same as above.
"auth sufficient pam_ssh_agent_auth.so file=~fred/.ssh/authorized_keys"
If the home-directory of user 'fred' was /home/fred, this would expand to /home/fred/.ssh/authorized_keys. In this case, we have not
specified allow_user_owned_authorized_keys_file, so this file must be owned by 'fred'.
"auth sufficient pam_ssh_agent_auth.so file=/secure/%H/%u/authorized_keys allow_user_owned_authorized_keys_file"
On a host named foobar.baz.com, and a user named fred, would expand to /secure/foobar/fred/authorized_keys. In this case, we specified
allow_user_owned_authorized_keys_file, so fred would be able to manage that authorized_keys file himself.
"auth sufficient pam_ssh_agent_auth.so file=/secure/%f/%u/authorized_keys"
On a host named foobar.baz.com, and a user named fred, would expand to /secure/foobar.baz.com/fred/authorized_keys. In this case, we
have not specified allow_user_owned_authorized_keys_file, so this file must be owned by root.
v0.8 2009-08-09 pam_ssh_agent_auth(8)