01-17-2014
Su-only account with ssh capability and no interactive login
Hello experts,
Is it possible to have an user account on RHEL 6.3 as a su-only account, but with ssh capability and no interactive login? Let me elaborate.
Say, we have a cluster of 5 RHEL 6.3 servers and an user account (strmadmin) on each of the server as an su-only account, meaning "strmadmin" cannot login interactively but needs to be su'ed to. Now, can we add 'ssh' capability to this account still maintaining the non-interactive login? The requirement is that the su-only account (strmadmin) should be able ssh to all the 5 servers in the cluster.
If this can be done, how can it be done?
Any help and any inputs are greatly appreciated.
TIA,
-Naveen.
10 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
Is there a way to easily change an account to be a non login account (NP in the shadow) file?
I know I can just edit the file but that is not what we want to do. We use access control software and want to provide a way to set an account to be non-login using simple commands that can be mapped... (0 Replies)
Discussion started by: LordJezo
0 Replies
2. Shell Programming and Scripting
Can anybody help me to write a shell script to login interactive system
once u open a connection using telnet it will ask for
USERCODE:
PASSWORD:
DOMAIN: (1 Reply)
Discussion started by: sudhakaryadav
1 Replies
3. Shell Programming and Scripting
Hi,
I want to know how to use SSH non-interactively? I am already able to use sftp -b <batch file> user@host so public/private key set-up already is in place.
But my supervisor has told me to use SSH now I want to know how it can be done? I want to do something like:
done_files=`ssh ls... (7 Replies)
Discussion started by: dips_ag
7 Replies
4. AIX
Hello,
Using AIX 6.1 boxes.
User user1 connects from box A to box B using ssh.
When password authentication is used everything is fine. When I configure user1 to use public key authentication sftp client works fine(no password asked), but ssh client fails. This is sshd log:
Accepted publickey... (3 Replies)
Discussion started by: vilius
3 Replies
5. UNIX for Dummies Questions & Answers
Hi Guys,
Excuse if am asking silly Que ... :rolleyes:
Please explain me whats difference between login and interactive shell in Linux .. Have googled but still in doubt .. :confused:
--Shirish Shukla (4 Replies)
Discussion started by: Shirishlnx
4 Replies
6. AIX
I want to learn AIX. I would like to find someone who would be willing to give me a login to their AIX home lab server. My intent is to poke around and discover the similarities and differences of AIX compared to other *NIXs.
I am a UNIX admin so I can think of what some immediate concerns may... (1 Reply)
Discussion started by: perl_in_my_shel
1 Replies
7. Programming
Hi i need a c programm to login in unix(solaris).
non-interactivley because it seems difficult to do it with unix shell scripting and passwd command cant be used and also
i don't have expect installed and i am not allowed to installed expect in our servers.
is there any c programm that can help... (1 Reply)
Discussion started by: munish259272
1 Replies
8. Homework & Coursework Questions
I am sorry for creating a new topic after my previous inquiry was closed, but I tried and tried and I do not know how to edit my previous post. This is not exactly any homework, this is one of 40 questions we were expected to prepare for one of the labs. I searched and read what I could and still... (4 Replies)
Discussion started by: me_me_me
4 Replies
9. UNIX for Beginners Questions & Answers
Hello and thanks in advance for any help anyone can offer to straighten me out on this subject
I'm trying to understand non-interactive & non-login shells and having a hard time conceptualize the process a non-interactive & non-login shell goes through to start up. Particularly for background... (7 Replies)
Discussion started by: bodisha
7 Replies
10. UNIX for Advanced & Expert Users
Environment: CentOS 7
I would like to have a solution where a service account can access a server in only these ways:
ssh non-interactively via password or ssh key; that is, run commands or scripts (but running anything in /etc/shells will not be allowed)
not ssh interactively
regular... (2 Replies)
Discussion started by: bgstack15
2 Replies
CHSH(1) User Commands CHSH(1)
NAME
chsh - change login shell
SYNOPSIS
chsh [options] [LOGIN]
DESCRIPTION
The chsh command changes the user login shell. This determines the name of the user's initial login command. A normal user may only change
the login shell for her own account; the superuser may change the login shell for any account.
OPTIONS
The options which apply to the chsh command are:
-h, --help
Display help message and exit.
-R, --root CHROOT_DIR
Apply changes in the CHROOT_DIR directory and use the configuration files from the CHROOT_DIR directory.
-s, --shell SHELL
The name of the user's new login shell. Setting this field to blank causes the system to select the default login shell.
If the -s option is not selected, chsh operates in an interactive fashion, prompting the user with the current login shell. Enter the new
value to change the shell, or leave the line blank to use the current one. The current shell is displayed between a pair of [ ] marks.
NOTE
The only restriction placed on the login shell is that the command name must be listed in /etc/shells, unless the invoker is the superuser,
and then any value may be added. An account with a restricted login shell may not change her login shell. For this reason, placing /bin/rsh
in /etc/shells is discouraged since accidentally changing to a restricted shell would prevent the user from ever changing her login shell
back to its original value.
FILES
/etc/passwd
User account information.
/etc/shells
List of valid login shells.
/etc/login.defs
Shadow password suite configuration.
SEE ALSO
chfn(1), login.defs(5), passwd(5).
shadow-utils 4.5 01/25/2018 CHSH(1)