11-13-2013
Password less SSH for non-interactive NUID
We have a script which rsyncs two directories on two servers. This rsync will happen with the ID svID. But the script runs with the Control-M ID opID. we have setup password less SSH for svID, but it fails with Host key verification failed when the script is executed by opID. As opID is a non-interactive ID, i could not setup the password less SSH. Please suggest.
10 More Discussions You Might Find Interesting
1. Solaris
Does anyone know how I can do a non-interactive password change in Solaris 8 and 10?
Using Sed to edit the passwd file, or Expect to automate the process has already been considered.... I'm looking for something more direct.
Your guidance is appreciated.
akbar (2 Replies)
Discussion started by: akbar
2 Replies
2. UNIX and Linux Applications
Hi,
I am changing the login authentication method from password to keyboard interactive for security purposes. I know this option is kind of add-on for ssh client programs; which explains the best info about option is in this link:
User Authentication with Keyboard-Interactive :eek:
One of... (4 Replies)
Discussion started by: royalliege
4 Replies
3. Shell Programming and Scripting
I am writing an automation that will ssh into hundreds of system and run a few commands. I ll be looping from ip X.X.X.10 to X.X.X.200
I have public key set up ready for "most" of them to run ssh non interactively. However some of the systems in these ip range do not have the public private key... (2 Replies)
Discussion started by: vickylife
2 Replies
4. Shell Programming and Scripting
Hi,
I want to know how to use SSH non-interactively? I am already able to use sftp -b <batch file> user@host so public/private key set-up already is in place.
But my supervisor has told me to use SSH now I want to know how it can be done? I want to do something like:
done_files=`ssh ls... (7 Replies)
Discussion started by: dips_ag
7 Replies
5. Shell Programming and Scripting
Hello everyone!
I am trying to log-in to a remote server over SSH, transfer file1 there, perform some checks, capture the results in file2 and transfer file2 back to my local server - all of this non-interactively. Initially, I tried to do this within a singe SSH session, using the following... (2 Replies)
Discussion started by: Subu1987
2 Replies
6. UNIX for Advanced & Expert Users
I have written the below scripts .
ldap_pwd_prompt.ksh
#!/usr/bin/ksh
passwd -r ldap
interactive_pwd_change.exp
#!/usr/local/bin/expect
set timeout 10
set curpass
set newpass
spawn ./ldap_pwd_prompt.ksh
expect "Enter existing login password:"
send "$curpass\r"
expect "New... (6 Replies)
Discussion started by: dr46014
6 Replies
7. Red Hat
Hello experts,
Is it possible to have an user account on RHEL 6.3 as a su-only account, but with ssh capability and no interactive login? Let me elaborate.
Say, we have a cluster of 5 RHEL 6.3 servers and an user account (strmadmin) on each of the server as an su-only... (1 Reply)
Discussion started by: naveendronavall
1 Replies
8. UNIX for Dummies Questions & Answers
Hello all,
can we SFTP to the destination server in a non-interactive mode with out estbalishing the public key of origination server in the destination server? meaning i want to harcode the password as part of the below script or as an variable?
Please let me know if there is any better way to... (2 Replies)
Discussion started by: Ariean
2 Replies
9. Shell Programming and Scripting
I wish to launch a script with ssh command.
This script launches a menu.
The menu displays well but I can't interact with it.
Can you help me :confused: ? (1 Reply)
Discussion started by: khalidou13
1 Replies
10. Shell Programming and Scripting
I fire the rsyn command as below:
rsync --delay-updates -F --compress --archive -e "/usr/bin/ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no" user1@myhost.server.com:/tmp/jarexplorer-0.7.jar /web/admin/data/ The above command get interpreted as below: ssh -vvv -o... (4 Replies)
Discussion started by: mohtashims
4 Replies
LEARN ABOUT FREEBSD
pam_ssh
PAM_SSH(8) BSD System Manager's Manual PAM_SSH(8)
NAME
pam_ssh -- authentication and session management with SSH private keys
SYNOPSIS
[service-name] module-type control-flag pam_ssh [options]
DESCRIPTION
The SSH authentication service module for PAM, pam_ssh provides functionality for two PAM categories: authentication and session management.
In terms of the module-type parameter, they are the ``auth'' and ``session'' features.
SSH Authentication Module
The SSH authentication component provides a function to verify the identity of a user (pam_sm_authenticate()), by prompting the user for a
passphrase and verifying that it can decrypt the target user's SSH key using that passphrase.
The following options may be passed to the authentication module:
use_first_pass If the authentication module is not the first in the stack, and a previous module obtained the user's password, that password
is used to authenticate the user. If this fails, the authentication module returns failure without prompting the user for a
password. This option has no effect if the authentication module is the first in the stack, or if no previous modules
obtained the user's password.
try_first_pass This option is similar to the use_first_pass option, except that if the previously obtained password fails, the user is
prompted for another password.
nullok Normally, keys with no passphrase are ignored for authentication purposes. If this option is set, keys with no passphrase
will be taken into consideration, allowing the user to log in with a blank password.
SSH Session Management Module
The SSH session management component provides functions to initiate (pam_sm_open_session()) and terminate (pam_sm_close_session()) sessions.
The pam_sm_open_session() function starts an SSH agent, passing it any private keys it decrypted during the authentication phase, and sets
the environment variables the agent specifies. The pam_sm_close_session() function kills the previously started SSH agent by sending it a
SIGTERM.
The following options may be passed to the session management module:
want_agent Start an agent even if no keys were decrypted during the authentication phase.
FILES
$HOME/.ssh/identity SSH1 RSA key
$HOME/.ssh/id_rsa SSH2 RSA key
$HOME/.ssh/id_dsa SSH2 DSA key
$HOME/.ssh/id_ecdsa SSH2 ECDSA key
SEE ALSO
ssh-agent(1), pam.conf(5), pam(8)
AUTHORS
The pam_ssh module was originally written by Andrew J. Korty <ajk@iu.edu>. The current implementation was developed for the FreeBSD Project
by ThinkSec AS and NAI Labs, the Security Research Division of Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035
(``CBOSS''), as part of the DARPA CHATS research program. This manual page was written by Mark R V Murray <markm@FreeBSD.org>.
BSD
October 7, 2011 BSD