11-14-2012
Quote:
Originally Posted by
bakunin
If so: what is the gain of having someuser login and switch to root without further authorization to having root log on directly? It is clear that this just transfers the "risk" from one user to the other.
Not without my password-protected key, they can't. Even if they steal it, it won't work for them without the password. ssh-agent is how I use that to automate.
9 More Discussions You Might Find Interesting
1. Answers to Frequently Asked Questions
We have quite a few threads about this subject. I have collected some of them and arranged them by the OS which is primarily discussed in the thread. That is because the exact procedure depends on the OS involved. What's more, since you often need to interact with the boot process, the... (0 Replies)
Discussion started by: Perderabo
0 Replies
2. Linux Benchmarks
I created two computers with identical hardware, and run the benchmark programs in both starting at the same exact time.
What makes no sense is that the computer that has the lower average index (121) finished the race a good 30 minutes ahead of the computer wich showed the higher avg index... (0 Replies)
Discussion started by: philip_38
0 Replies
3. AIX
Hi, yesterday, I changed root's shell in /etc/passwd, cause a mistake then I can not log in root account (can't find correct shell). I attempted to log in single-mode, however, it prompted for single-mode's password then I type root's password but still can not log in.
I'm using AIX 5L version 5.2... (2 Replies)
Discussion started by: neikel
2 Replies
4. High Performance Computing
08-18-2008 11:00 AM
Cluster computing has played a pivotal role in the way research is conducted in educational environments. Because the amount of available money and hardware varies between university researchers, often it's necessary to find a clustering solution that can work well on a small... (0 Replies)
Discussion started by: Linux Bot
0 Replies
5. UNIX for Dummies Questions & Answers
I've been referring bash info for processes and came across a structure for a process which is defined like
typedef struct process
{
struct process *next;
char ** argv
.
.
.
}process;
What I don't understand is that in the program there's a for loop which goes like this
job... (2 Replies)
Discussion started by: sdsd
2 Replies
6. UNIX for Dummies Questions & Answers
I'm running the following rsync command to sync a directory between the 2 servers:
rsync -az --delete --stats /some_dir/ server_name:/some_dir
I'm getting the following output:
Number of files: 655174
Number of files transferred: 14221
Total file size: 1138531979331 bytes
Total... (0 Replies)
Discussion started by: GKnight
0 Replies
7. UNIX for Advanced & Expert Users
Can someone explain the correlation between how sar names the disk drives and how the rest of the OS names the disk drives?
sar lists my disk drives as sd0, sd1, sd2, etc.....
while format lists my disk drives as c1t0d0, c1t1d0, c1t2d0,etc...
And also why sar shows 8 disks but format... (2 Replies)
Discussion started by: s ladd
2 Replies
8. Red Hat
I installed the OpenSSH on my Windows Machine. I want to connect to the remote Linux machine without typing password. I followed the bellow instructions but the SSH needs password to establish the connection yet.
Open CMD and run: ssh-keygen -t rsa (The public and private keys are generated in... (1 Reply)
Discussion started by: manoj.solaris
1 Replies
9. Red Hat
We have several dozen Redhat 5, 6 and 7 servers that are running Oracle databases. On some databases we are using automatic memory management, which uses shared memory. On other databases we are use manual memory management, which does not use shared memory.
When I see that a server is swapping... (2 Replies)
Discussion started by: gandolf989
2 Replies
LEARN ABOUT CENTOS
shell-quote
SHELL-QUOTE(1) User Contributed Perl Documentation SHELL-QUOTE(1)
NAME
shell-quote - quote arguments for safe use, unmodified in a shell command
SYNOPSIS
shell-quote [switch]... arg...
DESCRIPTION
shell-quote lets you pass arbitrary strings through the shell so that they won't be changed by the shell. This lets you process commands
or files with embedded white space or shell globbing characters safely. Here are a few examples.
EXAMPLES
ssh preserving args
When running a remote command with ssh, ssh doesn't preserve the separate arguments it receives. It just joins them with spaces and
passes them to "$SHELL -c". This doesn't work as intended:
ssh host touch 'hi there' # fails
It creates 2 files, hi and there. Instead, do this:
cmd=`shell-quote touch 'hi there'`
ssh host "$cmd"
This gives you just 1 file, hi there.
process find output
It's not ordinarily possible to process an arbitrary list of files output by find with a shell script. Anything you put in $IFS to
split up the output could legitimately be in a file's name. Here's how you can do it using shell-quote:
eval set -- `find -type f -print0 | xargs -0 shell-quote --`
debug shell scripts
shell-quote is better than echo for debugging shell scripts.
debug() {
[ -z "$debug" ] || shell-quote "debug:" "$@"
}
With echo you can't tell the difference between "debug 'foo bar'" and "debug foo bar", but with shell-quote you can.
save a command for later
shell-quote can be used to build up a shell command to run later. Say you want the user to be able to give you switches for a command
you're going to run. If you don't want the switches to be re-evaluated by the shell (which is usually a good idea, else there are
things the user can't pass through), you can do something like this:
user_switches=
while [ $# != 0 ]
do
case x$1 in
x--pass-through)
[ $# -gt 1 ] || die "need an argument for $1"
user_switches="$user_switches "`shell-quote -- "$2"`
shift;;
# process other switches
esac
shift
done
# later
eval "shell-quote some-command $user_switches my args"
OPTIONS
--debug
Turn debugging on.
--help
Show the usage message and die.
--version
Show the version number and exit.
AVAILABILITY
The code is licensed under the GNU GPL. Check http://www.argon.org/~roderick/ or CPAN for updated versions.
AUTHOR
Roderick Schertler <roderick@argon.org>
perl v5.16.3 2010-06-11 SHELL-QUOTE(1)