Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Passwordless sftp using a different user than the runtime user
Top Forums Shell Programming and Scripting Passwordless sftp using a different user than the runtime user Post 302974049 by RudiC on Wednesday 25th of May 2016 06:12:24 AM
Old 05-25-2016
The public key created by user A (and matching his or her private key) needs to be in user B's remote authorized_keys file.
 

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

How to link to some lib in runtime as a nonsuper user?

My program is written in cpp and it uses a non standard library. I have compiled successfully by linking it to the library. But when i try to run the program. it give a error message like: "error while loading shared libraries: ***.so: cannot open shared object file: No such file or directory"... (2 Replies)
Discussion started by: zzz_zzz
2 Replies

2. Shell Programming and Scripting

To Change the user during runtime

Hi, I have a requirement to change the user during runtime within a shell script. Is their any way via which I can change the user by prefeeding the password? Please reply. Thanks. (4 Replies)
Discussion started by: sam_roy
4 Replies

3. UNIX for Dummies Questions & Answers

FTP or SFTP User

Hello there, is there any command in Unix to check that following ftp user is ftp or sftp user. Thanks. (1 Reply)
Discussion started by: ahhmedbilal
1 Replies

4. UNIX for Advanced & Expert Users

Determining if user is local-user in /etc/passwd or LDAP user

Besides doing some shell-script which loops through /etc/passwd, I was wondering if there was some command that would tell me, like an enhanced version of getent. The Operating system is Solaris 10 (recent-ish revision) using Sun DS for LDAP. (5 Replies)
Discussion started by: ckmehta
5 Replies

5. AIX

passwordless ssh for non-root user???

hi all I have a problem to set up the password ssh login for a non-root user. what I want to do is that non-root user in host A logs into host B without password prompted. what I did listed as the following steps. 1. genarate a pair of keys from host A. ssy-keygen -t rsa -N "" -f... (9 Replies)
Discussion started by: rs6000er
9 Replies

6. Shell Programming and Scripting

su -m <user> passwordless?

Hi! I am working on mac osx and have a script which prompts for password for a non-root user, can I avoid that? su -m <user> Prompts for a password. Its a startup script and the start up fails? How can I fix this? Thanks, Jack. (4 Replies)
Discussion started by: jacki
4 Replies

7. AIX

passwordless entry using ssh from one user to a different user on the same server

Hi, We have a requirement to do passwordless entry from one user to a different user on the same AIX server using ssh keys. Can some one help me with this? Thanks in advance, Panditt (3 Replies)
Discussion started by: deshaipet
3 Replies

8. Shell Programming and Scripting

Check whether user has passwordless setup

Hello Unix scripters, I have created a small tool that i can distribute to users to check whether they have passwordless login to a list of servers. The problem in my code below is if user do not have the passwordless login yet, it will prompt them with a password login and my message below... (2 Replies)
Discussion started by: ryandegreat25
2 Replies

9. Red Hat

Runtime Error Enable user directory apache

Hi I am exactly according to this link CentOS 6 - Apache httpd - Enable Userdir : Server World I Enabled userDirectory Server version: Apache/2.2.15 CentOS release 6.8 (Final) But Iget this Error Forbidden You don't have permission to access /~mn/index.html on this server Goal... (2 Replies)
Discussion started by: mnnn
2 Replies

10. UNIX for Advanced & Expert Users

Passwordless ssh for different user

Hello Folks, I lost touch in ssh key gen topics. I am in need of ssh to a server without password, kindly help me in configuring. I have two servers, server1 with user name apha & server1 with user name beta. I need to ssh to the server2 from server1 with respective users, Manually i... (3 Replies)
Discussion started by: Thala
3 Replies

LEARN ABOUT CENTOS

pam_ssh_agent_auth

pam_ssh_agent_auth(8)							PAM						     pam_ssh_agent_auth(8)

PAM_SSH_AGENT_AUTH
       This module provides authentication via ssh-agent.  If an ssh-agent listening at SSH_AUTH_SOCK can successfully authenticate that it has
       the secret key for a public key in the specified file, authentication is granted, otherwise authentication fails.

SUMMARY

       /etc/pam.d/sudo: auth	sufficient     pam_ssh_agent_auth.so file=/etc/security/authorized_keys
       /etc/sudoers:
	    Defaults	env_keep += "SSH_AUTH_SOCK"

       This configuration would permit anyone who has an SSH_AUTH_SOCK that manages the private key matching a public key in
       /etc/security/authorized_keys to execute sudo without having to enter a password. Note that the ssh-agent listening to SSH_AUTH_SOCK can
       either be local, or forwarded.

       Unlike NOPASSWD, this still requires an authentication, it's just that the authentication is provided by ssh-agent, and not password entry.

ARGUMENTS

       file=<path to authorized_keys>
	   Specify the path to the authorized_keys file(s) you would like to use for authentication. Subject to tilde and % EXPANSIONS (below)

       allow_user_owned_authorized_keys_file
	   A flag which enables authorized_keys files to be owned by the invoking user, instead of root. This flag is enabled automatically
	   whenever the expansions %h or ~ are used.

       debug
	   A flag which enables verbose logging

       sudo_service_name=<service name you compiled sudo to use>
	   (when compiled with --enable-sudo-hack)

	   Specify the service name to use to identify the service "sudo". When the PAM_SERVICE identifier matches this string, and if PAM_RUSER
	   is not set, pam_ssh_agent_auth will attempt to identify the calling user from the environment variable SUDO_USER.

	   This defaults to "sudo".

EXPANSIONS

       ~  -- same as in shells, a user's Home directory
	   Automatically enables allow_user_owned_authorized_keys_file if used in the context of ~/. If used as ~user/, it would expect the file
	   to be owned by 'user', unless you explicitely set allow_user_owned_authorized_keys_file

       %h -- User's Home directory
	   Automatically enables allow_user_owned_authorized_keys_file

       %H -- The short-hostname
       %u -- Username
       %f -- FQDN

EXAMPLES

       in /etc/pam.d/sudo

       "auth sufficient pam_ssh_agent_auth.so file=~/.ssh/authorized_keys"
	   The default .ssh/authorized_keys file in a user's home-directory

       "auth sufficient pam_ssh_agent_auth.so file=%h/.ssh/authorized_keys"
	   Same as above.

       "auth sufficient pam_ssh_agent_auth.so file=~fred/.ssh/authorized_keys"
	   If the home-directory of user 'fred' was /home/fred, this would expand to /home/fred/.ssh/authorized_keys.  In this case, we have not
	   specified allow_user_owned_authorized_keys_file, so this file must be owned by 'fred'.

       "auth sufficient pam_ssh_agent_auth.so file=/secure/%H/%u/authorized_keys allow_user_owned_authorized_keys_file"
	   On a host named foobar.baz.com, and a user named fred, would expand to /secure/foobar/fred/authorized_keys.	In this case, we specified
	   allow_user_owned_authorized_keys_file, so fred would be able to manage that authorized_keys file himself.

       "auth sufficient pam_ssh_agent_auth.so file=/secure/%f/%u/authorized_keys"
	   On a host named foobar.baz.com, and a user named fred, would expand to /secure/foobar.baz.com/fred/authorized_keys.	In this case, we
	   have not specified allow_user_owned_authorized_keys_file, so this file must be owned by root.

v0.8								    2009-08-09						     pam_ssh_agent_auth(8)
All times are GMT -4. The time now is 12:30 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy