Hi,
First i want to tell you i am not a administrator and everytime to run a sqlscritpt i have to login as SU in a particular account to connect to sqlplus..
I want to write a script which can make me free by doin this .. since i am having the permission for SU i want to know if i can SUDO... (7 Replies)
hi all,
This is a very basic question. I want to make the command work at all times.
i'm working on Suse-Linux and "clear" command is used to clear the contents of screen. I want to use only "cls" instead of "clear" command.
i tried alias cls=clear , but its working only for a temporary... (3 Replies)
How to get the current working directory as part of the command prompt? Every time I chage the folder, my command prompt path shoud change. I am using Korn Shell. Any help is greatly appreciated. (3 Replies)
Hello. I searched the internet for answers and don't seem to find any for about a day now.
My problem. I want to su to a non-root account non-interactively, e.g. if I want to temporarily become prdusr, I want to su prdusr without keying prdusr's password every time.
What I want is... (10 Replies)
When I use "/" to look for a particular command that I typed in the current session it says
D02:-/home/user1/temp> /job
ksh: /job: not found.
D02:-/home/user1/temp>
previously it used to fetch all the commands which had job in it..
for example subjob, endjob, joblist etc...
may I... (7 Replies)
I have used this color prompt on my servers for long time, in file ~\.bashrc
Black="\"
Dark="\"
Blue="\"
LBlue="\"
Green="\"
LGreen="\"
Cyan="\"
LCyan="\"
Red="\"
LRed="\"
Purple="\"
LPurple="\"
Brown="\"
Yellow="\"
LGray="\"
White="\"
Reset="\"
PS1="$Yellow\u@\h $LBlue\w... (4 Replies)
Hi All,
I am not able to get the command prompt after entering the login password on solaris server
Only access is through console.
Server type : sun4u sparc SUNW,Netra-T12
bsnl-north-in > ssh 10.147.17.207 jtoin
Connecting to 10.147.17.207 as user jtoin
Password:
Last login: Wed Mar 5... (1 Reply)
Hi,
I'm trying to customize the ksh prompt for users on a RHEL 6.6 system for having user@host pwd : $ and user@host pwd # in red color for root.
I think it's possible but i do not even succeded for a non root user :
I added in my ~/.kshrc :
PS1="Hello : " and it works
but when i... (4 Replies)
in the /etc/sudoer file this line was added:
wtolentino ALL=(ORACLE) NOPASSWD: /bin/chmod
when i tried to run this command
sudo -u oracle /bin/chmod 775 /appshared/applications/lpa/executables/chrpt001.rep
it prompts me for a password
for example:
$ pwd
/appshared/applications/lpa... (2 Replies)
So Yesterday I switched from Solus Linux to Fedora Linux 30, but I forgot to backup some of my dotfiles including kshrc. I am fairly new to Korn shell and do not know it well, but through memory I was able to at least get this. I did use code from several different source to recreate it. The only... (13 Replies)
Discussion started by: zoomer
13 Replies
LEARN ABOUT CENTOS
pam_ssh_agent_auth
pam_ssh_agent_auth(8) PAM pam_ssh_agent_auth(8)PAM_SSH_AGENT_AUTH
This module provides authentication via ssh-agent. If an ssh-agent listening at SSH_AUTH_SOCK can successfully authenticate that it has
the secret key for a public key in the specified file, authentication is granted, otherwise authentication fails.
SUMMARY
/etc/pam.d/sudo: auth sufficient pam_ssh_agent_auth.so file=/etc/security/authorized_keys
/etc/sudoers:
Defaults env_keep += "SSH_AUTH_SOCK"
This configuration would permit anyone who has an SSH_AUTH_SOCK that manages the private key matching a public key in
/etc/security/authorized_keys to execute sudo without having to enter a password. Note that the ssh-agent listening to SSH_AUTH_SOCK can
either be local, or forwarded.
Unlike NOPASSWD, this still requires an authentication, it's just that the authentication is provided by ssh-agent, and not password entry.
ARGUMENTS
file=<path to authorized_keys>
Specify the path to the authorized_keys file(s) you would like to use for authentication. Subject to tilde and % EXPANSIONS (below)
allow_user_owned_authorized_keys_file
A flag which enables authorized_keys files to be owned by the invoking user, instead of root. This flag is enabled automatically
whenever the expansions %h or ~ are used.
debug
A flag which enables verbose logging
sudo_service_name=<service name you compiled sudo to use>
(when compiled with --enable-sudo-hack)
Specify the service name to use to identify the service "sudo". When the PAM_SERVICE identifier matches this string, and if PAM_RUSER
is not set, pam_ssh_agent_auth will attempt to identify the calling user from the environment variable SUDO_USER.
This defaults to "sudo".
EXPANSIONS
~ -- same as in shells, a user's Home directory
Automatically enables allow_user_owned_authorized_keys_file if used in the context of ~/. If used as ~user/, it would expect the file
to be owned by 'user', unless you explicitely set allow_user_owned_authorized_keys_file
%h -- User's Home directory
Automatically enables allow_user_owned_authorized_keys_file
%H -- The short-hostname
%u -- Username
%f -- FQDN
EXAMPLES
in /etc/pam.d/sudo
"auth sufficient pam_ssh_agent_auth.so file=~/.ssh/authorized_keys"
The default .ssh/authorized_keys file in a user's home-directory
"auth sufficient pam_ssh_agent_auth.so file=%h/.ssh/authorized_keys"
Same as above.
"auth sufficient pam_ssh_agent_auth.so file=~fred/.ssh/authorized_keys"
If the home-directory of user 'fred' was /home/fred, this would expand to /home/fred/.ssh/authorized_keys. In this case, we have not
specified allow_user_owned_authorized_keys_file, so this file must be owned by 'fred'.
"auth sufficient pam_ssh_agent_auth.so file=/secure/%H/%u/authorized_keys allow_user_owned_authorized_keys_file"
On a host named foobar.baz.com, and a user named fred, would expand to /secure/foobar/fred/authorized_keys. In this case, we specified
allow_user_owned_authorized_keys_file, so fred would be able to manage that authorized_keys file himself.
"auth sufficient pam_ssh_agent_auth.so file=/secure/%f/%u/authorized_keys"
On a host named foobar.baz.com, and a user named fred, would expand to /secure/foobar.baz.com/fred/authorized_keys. In this case, we
have not specified allow_user_owned_authorized_keys_file, so this file must be owned by root.
v0.8 2009-08-09 pam_ssh_agent_auth(8)