Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: SSH with a nologin account
Top Forums UNIX for Dummies Questions & Answers SSH with a nologin account Post 302589532 by hungld86 on Thursday 12th of January 2012 04:22:52 AM
Old 01-12-2012
Bug You can use SSH on nologin account
YES !

You CAN ssh from a a nologin account (such as daemon, apache, tomcat, ect..). The only thing you have to do is:
1 - Create global known_hosts file at /etc/ssh/ssh_known_hosts
2 - Change it's permission to 644. Note: NOT 600. Other people need to read it.
4 - Put destination host key into this file.
5 - Create a RSA keypair then add id_rsa.pub to destination account (if you use password, try yourself).
==> you can use ssh to run command remotely.
I created a PHP page (run by daemon user on system) to execute command by another user at another machine, of course using SSH. Smilie
 

8 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

Shell account SSH Tunnelling?

What do I need to do to be able to connect to an IRC server from work? At work I'm behind a firewall that blocks all IRC connections on standard ports. I read that I could use a shell account and set something up (which I am searching what) that I could use to connect to and tunnel my... (4 Replies)
Discussion started by: KromiX
4 Replies

2. UNIX for Dummies Questions & Answers

need a stable proxy server or free ssh account to visit blocked sites, who can help?

In our country, blogspot.com, twitter.com facebook.com....and more excellent sites are blocked by the Goverment FireWall, who can help me ? thanks a lot for your kind. (2 Replies)
Discussion started by: shuke
2 Replies

3. UNIX for Dummies Questions & Answers

Creating FTP account using SSH (putty)?

Hello, : ) I have a remote access to the server that hosts my joomla, and it does not have cpanel. So I have to do everything manually. I need to have an FTP account to the httpdocs folder because I need to put these info in the config file of joomla (to allow file uploading ...etc) So,... (8 Replies)
Discussion started by: Hayatt
8 Replies

4. Cybersecurity

openssh_4.6 on Unixware 7.1.4 - ssh does not lock account after x attempts

Hi all, I am having some issues with openssh vers OpenSSH_4.6p1 on SCO unixware 7.1.4 when a user accesses the system via ssh and the password is incorrect and more attempts have been made that the lock out limit I find that although there are messages in the syslog the account does not lock... (0 Replies)
Discussion started by: chlawren
0 Replies

5. UNIX for Dummies Questions & Answers

ssh for different user account in a server configuration

Hi team, I am not able to configure the ssh settings for a UserA to do ssh or scp to the UserB in the same server , what could be the best way to do the ssh form UserA to UserB. I've generated the public key in UserA ~/.ssh and kept a copy of that in ~/.ssh of authorized_key of UserB . Still... (1 Reply)
Discussion started by: posix
1 Replies

6. Shell Programming and Scripting

Need help regarding user with nologin

Hi, Need one clarification.. If suppose, I have disabled the login to a particular user XXX, but not deleted the user. So the scripts which must be executed using the user XXX can still be executed using that user or is it not possible..? In our tasks, we are disabling the user XXX, and after... (1 Reply)
Discussion started by: Dpu
1 Replies

7. Red Hat

Su-only account with ssh capability and no interactive login

Hello experts, Is it possible to have an user account on RHEL 6.3 as a su-only account, but with ssh capability and no interactive login? Let me elaborate. Say, we have a cluster of 5 RHEL 6.3 servers and an user account (strmadmin) on each of the server as an su-only... (1 Reply)
Discussion started by: naveendronavall
1 Replies

8. UNIX for Beginners Questions & Answers

Allow AD service account SSH to Linux systems without 2FA

I have Windows AD server and all of the linux computers are joined to AD. Recently, 2FA has been activated, I wish to exclude some of the domain service accounts from 2FA # less /etc/pam_radius_acl.conf sshd:* # /etc/pam.d/sshd auth required pam_sepermit.so auth requisite... (0 Replies)
Discussion started by: davidpar007
0 Replies

LEARN ABOUT OSX

nologin

NOLOGIN(5)						      BSD File Formats Manual							NOLOGIN(5)

NAME

     nologin -- disallow logins

DESCRIPTION

     Programs such as login(1) disallow logins if the nologin file exists.  The programs display the contents of nologin to the user if possible
     and interrupt the login sequence.	This makes it simple to temporarily prevent incoming logins systemwide.

     To disable logins on a per-account basis, investigate nologin(8).

SECURITY

     The nologin file is ignored for user root by default.

IMPLEMENTATION NOTES

     The nologin feature is implemented through login.conf(5), which allows to change the pathname of the file and to extend the list of users
     exempt from temporary login restriction.

     PAM-aware programs can be selectively configured to respect nologin using the pam_nologin(8) module via pam.conf(5).

     The nologin file will be removed at system boot if it resides in /var/run and cleanvar_enable is set to ``YES'' in rc.conf(5), which is
     default.  Therefore system reboot can effectively re-enable logins.

FILES

     /var/run/nologin  default location of nologin

SEE ALSO

     login(1), login.conf(5), pam.conf(5), rc.conf(5), nologin(8), pam_nologin(8), shutdown(8)

BSD
								   May 10, 2007 							       BSD
All times are GMT -4. The time now is 08:09 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy