host1 & host2 : Solaris 10 - SPARC server
From host1 able to ssh to host2 as same user with out password prompt. But, when ssh to different user in
host2, it prompts for password
DETAILS
=======
In host1:
1) logged as root
2) ssh-keygen -t dsa -b 1024 (no pass phrase)
3)... (5 Replies)
Hello everybody,
Say I forgot my root password (shit happens, no?) and I'd like to brutally try 100 possibilities to delete a file using sudo. How can I make a script that tries all the passwords?
The following doesn't work. Do you have a clue?
foo:~$ cat test
sudo rm dummy <<< 'password'
echo... (1 Reply)
Hello
I have a partition with Aix 5.3 and I install sudo
I put the commands that I want to use x user and I put the option that donkask for password.
But when I run with this user and I try to run that commands. ask me for a password.
I put this line for no ask for password with that... (2 Replies)
I setup the keys between 2 servers, but my user account has no password specified for it (never set one up on the account for security reasons). When I try to SSH to the server, SSH prompts for a password that doesn't exist (so I can never connect successfully).
Note: 'passwd -d Rynok' removes... (3 Replies)
Hi! I'm very new to unix, so please keep that in mind with the level of language used if you choose to help :D Thanks!
When attempting to use sudo on and AIX machine with oslevel 5.1.0.0, I get the following error:
exec(): 0509-036 Cannot load program sudo because of the following errors:... (1 Reply)
Hi
While doing the following command password is gettin dispalyed :
ssh <host> "sudo command ; exit"
....
while i type my password for 2nd its gettin displayed ...
i tried stty -echo and stty echo
...
still i am havin problem..:confused: (1 Reply)
Little confused here
When i go to run sudo nohup ./script.ksh &
I dont get asked for a password.
It starts a process ID, I can see it when i do a ps -ef | grep script.
But I dont get an output file from my script, so its not doing anything.
What gives?
does it have to do the "&" ?
... (4 Replies)
I am not sure what I am missing here. I have the following identical entry in /etc/sudoers on multiple Red Hat 6.4 servers.
icinga ALL=NOPASSWD:/usr/bin/yum --security --exclude\="kernel*" check-update
On one server when I enter the command over SSH as follows it works fine.
ssh -t -q... (1 Reply)
I am trying to run a command. This is one of my attempts:
for i in fileservera; do ssh -t $i 'sudo ls /';doneThis works, and I see the directories. However, what I want to do now is start a process on the remote server such as /usr/bin/connectproc -standalonesudo /usr/bin/connectproc... (1 Reply)
in the /etc/sudoer file this line was added:
wtolentino ALL=(ORACLE) NOPASSWD: /bin/chmod
when i tried to run this command
sudo -u oracle /bin/chmod 775 /appshared/applications/lpa/executables/chrpt001.rep
it prompts me for a password
for example:
$ pwd
/appshared/applications/lpa... (2 Replies)
Discussion started by: wtolentino
2 Replies
LEARN ABOUT DEBIAN
molly-guard
MOLLY-GUARD(8) [FIXME: manual] MOLLY-GUARD(8)NAME
molly-guard - guard against accidental shutdowns/reboots
SYNOPSIS
shutdown [-hV] [--molly-guard-do-nothing] [-- script_options]
halt [-hV] [--molly-guard-do-nothing] [-- script_options]
reboot [-hV] [--molly-guard-do-nothing] [-- script_options]
poweroff [-hV] [--molly-guard-do-nothing] [-- script_options]
DESCRIPTION
molly-guard attempts to prevent you from accidentally shutting down or rebooting machines. It does this by injecting a couple of checks
before the existing commands: halt, reboot, shutdown, and poweroff. This happens via scripts with the same names in /usr/sbin, so it only
works if you have /usr/sbin before /sbin in your PATH!
Before molly-guard invokes the real command, all scripts in /etc/molly-guard/run.d/ have to run and exit successfully; else, it aborts the
command. run-parts(1) is used to process the directory.
molly-guard passes any script_options to the scripts, and also populates the environment with the following variables:
o MOLLYGUARD_CMD - the actual command invoked by the user.
o MOLLYGUARD_DO_NOTHING - set to 1 if this is a demo-run.
o MOLLYGUARD_SETTINGS - the path to a shell script snippet which scripts can source to obtain settings.
molly-guard prints the contents of /etc/molly-guard/messages.d/COMMAND or /etc/molly-guard/messages.d/default to the console, if either
exists. This is due to /etc/molly-guard/run.d/10-print-message.
GUARDING SSH SESSIONS
molly-guard was primarily designed to shield SSH connections. This functionality (which should arguably be provided by the openssh-server
package) is implemented in /etc/molly-guard/run.d/30-query-hostname.
This script first tests whether the command is being executed from a tty which has been created by sshd. It also checks whether the
variable SSH_CONNECTION is defined. If any of these tests are successful, test script queries the user for the machine's hostname, which
should be sufficient to prevent the user from doing something by accident.
You can pass the --pretend-ssh script option to molly-guard to pretend that those tests succeeds. Alternatively, setting
ALWAYS_QUERY_HOSTNAME in /etc/molly-guard/rc causes the script to always query.
The following situations are still UNGUARDED. If you can think of ways to protect against those, please let me know!
o running sudo within screen or screen within sudo; sudo eats the SSH_CONNECTION variable, and screen creates a new pty.
o executing those command in a remote terminal window, that is a XTerm started on a remote machine but displaying on the local X server.
You have been warned. You can use the --molly-guard-do-nothing switch to prevent anything from happening, e.g. halt
--molly-guard-do-nothing.
OPTIONS --molly-guard-do-nothing
Cause molly-guard to print the command which would be executed, after processing all scripts, instead of executing it.
-h, --help
Display usage information.
-V, --version
Display version information.
SEE ALSO shutdown(8), halt(1), reboot(8), poweroff(8).
LEGALESE
molly-guard is copyright by martin f. krafft. Andrew Ruthven came up with the idea of using the scripts directory and submitted a patch,
which I modified a bit.
This manual page was written by martin f. krafft madduck@madduck.net.
Permission is granted to copy, distribute and/or modify this document under the terms of the Artistic License 2.0
COPYRIGHT
Copyright (C) 2008 martin f. krafft
[FIXME: source] Apr 19, 2008 MOLLY-GUARD(8)