01-17-2014
Su-only account with ssh capability and no interactive login
Hello experts,
Is it possible to have an user account on RHEL 6.3 as a su-only account, but with ssh capability and no interactive login? Let me elaborate.
Say, we have a cluster of 5 RHEL 6.3 servers and an user account (strmadmin) on each of the server as an su-only account, meaning "strmadmin" cannot login interactively but needs to be su'ed to. Now, can we add 'ssh' capability to this account still maintaining the non-interactive login? The requirement is that the su-only account (strmadmin) should be able ssh to all the 5 servers in the cluster.
If this can be done, how can it be done?
Any help and any inputs are greatly appreciated.
TIA,
-Naveen.
10 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
Is there a way to easily change an account to be a non login account (NP in the shadow) file?
I know I can just edit the file but that is not what we want to do. We use access control software and want to provide a way to set an account to be non-login using simple commands that can be mapped... (0 Replies)
Discussion started by: LordJezo
0 Replies
2. Shell Programming and Scripting
Can anybody help me to write a shell script to login interactive system
once u open a connection using telnet it will ask for
USERCODE:
PASSWORD:
DOMAIN: (1 Reply)
Discussion started by: sudhakaryadav
1 Replies
3. Shell Programming and Scripting
Hi,
I want to know how to use SSH non-interactively? I am already able to use sftp -b <batch file> user@host so public/private key set-up already is in place.
But my supervisor has told me to use SSH now I want to know how it can be done? I want to do something like:
done_files=`ssh ls... (7 Replies)
Discussion started by: dips_ag
7 Replies
4. AIX
Hello,
Using AIX 6.1 boxes.
User user1 connects from box A to box B using ssh.
When password authentication is used everything is fine. When I configure user1 to use public key authentication sftp client works fine(no password asked), but ssh client fails. This is sshd log:
Accepted publickey... (3 Replies)
Discussion started by: vilius
3 Replies
5. UNIX for Dummies Questions & Answers
Hi Guys,
Excuse if am asking silly Que ... :rolleyes:
Please explain me whats difference between login and interactive shell in Linux .. Have googled but still in doubt .. :confused:
--Shirish Shukla (4 Replies)
Discussion started by: Shirishlnx
4 Replies
6. AIX
I want to learn AIX. I would like to find someone who would be willing to give me a login to their AIX home lab server. My intent is to poke around and discover the similarities and differences of AIX compared to other *NIXs.
I am a UNIX admin so I can think of what some immediate concerns may... (1 Reply)
Discussion started by: perl_in_my_shel
1 Replies
7. Programming
Hi i need a c programm to login in unix(solaris).
non-interactivley because it seems difficult to do it with unix shell scripting and passwd command cant be used and also
i don't have expect installed and i am not allowed to installed expect in our servers.
is there any c programm that can help... (1 Reply)
Discussion started by: munish259272
1 Replies
8. Homework & Coursework Questions
I am sorry for creating a new topic after my previous inquiry was closed, but I tried and tried and I do not know how to edit my previous post. This is not exactly any homework, this is one of 40 questions we were expected to prepare for one of the labs. I searched and read what I could and still... (4 Replies)
Discussion started by: me_me_me
4 Replies
9. UNIX for Beginners Questions & Answers
Hello and thanks in advance for any help anyone can offer to straighten me out on this subject
I'm trying to understand non-interactive & non-login shells and having a hard time conceptualize the process a non-interactive & non-login shell goes through to start up. Particularly for background... (7 Replies)
Discussion started by: bodisha
7 Replies
10. UNIX for Advanced & Expert Users
Environment: CentOS 7
I would like to have a solution where a service account can access a server in only these ways:
ssh non-interactively via password or ssh key; that is, run commands or scripts (but running anything in /etc/shells will not be allowed)
not ssh interactively
regular... (2 Replies)
Discussion started by: bgstack15
2 Replies
LEARN ABOUT FREEBSD
pam_nologin
PAM_NOLOGIN(8) BSD System Manager's Manual PAM_NOLOGIN(8)
NAME
pam_nologin -- NoLogin PAM module
SYNOPSIS
[service-name] module-type control-flag pam_nologin [options]
DESCRIPTION
The NoLogin service module for PAM, pam_nologin provides functionality for only one PAM category: account management. In terms of the
module-type parameter, this is the ``account'' feature.
NoLogin Account Management Module
The NoLogin account management component, pam_sm_acct_mgmt(), verifies whether logins are administratively disabled via nologin(5). It
returns success if the user's login class has an "ignorenologin" capability specified in login.conf(5) or the nologin(5) file does not exist.
If neither condition is met, then the contents of nologin(5) are echoed before failure is returned. The location of nologin(5) is specified
by a "nologin" capability in login.conf(5), which defaults to /var/run/nologin.
The following options may be passed to the module:
debug syslog(3) debugging information at LOG_DEBUG level.
no_warn suppress warning messages to the user. These messages include reasons why the user's login attempt was declined.
SEE ALSO
syslog(3), login.conf(5), nologin(5), pam.conf(5), pam(8)
BSD
June 10, 2007 BSD