10-05-2018
Looks unreasonably complex to implement yes, with requests for functionality overlapping.
Is there another approach for desired outcome ?
Perhaps some web server and actual application....
You will have many issues with implementing your entire functionality using one user and SSH protocol.
If you manage to do that in the end you will have a hacky mess.
Perhaps more service users with separated privileges.
Linux and unix systems are multi user environments in their essence, so exploit that as much as you can.
Hope that helps
Regards
Peasant.
9 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
Our users have the tendency to use only one login account, to do their jobs. Obvious itīs a matter of training our users. But our internal audit team insists on restrictions from our system.
So is there an option to restrict an account to only login once into the system?
We use HP-UX 11.0.
... (0 Replies)
Discussion started by: Egroman
0 Replies
2. Homework & Coursework Questions
Q. Write a script that behaves both in interactive and non interactive mode. When no arguments are supplied it picks up each C program from the directory and prints first 10 lines.
It then prompts for deletion of the file.
If user supplies arguments with the script , then it works on those files... (1 Reply)
Discussion started by: rits
1 Replies
3. Homework & Coursework Questions
Q. Write a script that behaves both in interactive and non interactive mode. When no arguments are supplied it picks up each C program from the directory and prints first 10 lines.
It then prompts for deletion of the file.
If user supplies arguments with the script , then it works on those files... (8 Replies)
Discussion started by: rits
8 Replies
4. Solaris
Hey
Is there any way to differentiate if a user is logged directly into a UNIX functional account or if they have scsu'ed into the functional account?
Cheers
Paul (2 Replies)
Discussion started by: runnerpaul
2 Replies
5. Shell Programming and Scripting
Hi guys,
been scratching round the forums and my mountain of resources.
Maybe I havn't read deep enough
My question is not how sed edits a stream and outputs it to a file, rather something like this below:
I have a .txt with some text in it :rolleyes:
abc:123:xyz
123:abc:987... (7 Replies)
Discussion started by: the0nion
7 Replies
6. Red Hat
Hello experts,
Is it possible to have an user account on RHEL 6.3 as a su-only account, but with ssh capability and no interactive login? Let me elaborate.
Say, we have a cluster of 5 RHEL 6.3 servers and an user account (strmadmin) on each of the server as an su-only... (1 Reply)
Discussion started by: naveendronavall
1 Replies
7. AIX
Hi Everyone,
I want to know is it possible, restrict user login to AIX by IP and user name?
e.g.
user alice can login to AIX (via ssh or telnet) from 192.168.1.100
user alice can not login to AIX (via ssh or telnet) from 172.16.1.100
user bob can not login to AIX (via ssh or telnet)... (6 Replies)
Discussion started by: nnnnnnine
6 Replies
8. AIX
Hello,
I would like to confirm whether the below procedure is correct.
disabled direct super user access on AIX server using below procedure. Please let me know if there is any additional step.
1) confirm the access to HMC, console to reach the LPARs
2) chuser rlogin=false root
... (3 Replies)
Discussion started by: dio34
3 Replies
9. UNIX for Beginners Questions & Answers
I have Windows AD server and all of the linux computers are joined to AD.
Recently, 2FA has been activated, I wish to exclude some of the domain service accounts from 2FA
# less /etc/pam_radius_acl.conf
sshd:*
# /etc/pam.d/sshd
auth required pam_sepermit.so
auth requisite... (0 Replies)
Discussion started by: davidpar007
0 Replies
LEARN ABOUT DEBIAN
knife-ssh
KNIFE-SSH(1) Chef Manual KNIFE-SSH(1)
NAME
knife-ssh - Run a command or interactive session on multiple remote hosts
SYNOPSIS
knife ssh QUERY COMMAND (options)
-a, --attribute ATTR
The attribute to use for opening the connection - default is fqdn
-C, --concurrency NUM
The number of concurrent connections
-m, --manual-list
QUERY is a space separated list of servers
-P, --ssh-password PASSWORD
The ssh password
-x, --ssh-user USERNAME
The ssh username
-i, --identity-file IDENTITY_FILE
The SSH identity file used for authentication
-p, --ssh-port PORT
The ssh port
--[no-]host-key-verify
Verify host key, enabled by default.
DESCRIPTION
The ssh sub-command opens an ssh session to each of the nodes in the search results of the QUERY. This sub-command requires that the
net-ssh-multi and highline Ruby libraries are installed. On Debian systems, these are the libnet-ssh-multi-ruby and libhighline-ruby pack-
ages. They can also be installed as RubyGems (net-ssh-multi and highline, respectively).
TERMINAL MULTIPLEXING AND TERMINAL TAB SUPPORT
knife ssh integrates with several terminal multiplexer programs to provide a more convenient means of managing multiple ssh sessions. When
the COMMAND option matches one of these, knife ssh will create multiple interactive ssh sessions running locally in the terminal multi-
plexer instead of invoking the command on the remote host.
The available multiplexers are:
interactive
A built-in multiplexer. interactive supports running commands on a subset of the connected hosts in parallel
screen(1)
Runs ssh interactively inside screen. ~/.screenrc will be sourced if it exists.
tmux(1)
Runs ssh interactively inside tmux.
macterm (Mac OS X only)
Opens a Terminal.app window and creates a tab for each ssh session. You must install the rb-appscript gem before you can use this
option.
SEE ALSO
knife-search(1)
AUTHOR
Chef was written by Adam Jacob adam@opscode.com with many contributions from the community.
DOCUMENTATION
This manual page was written by Joshua Timberman joshua@opscode.com. Permission is granted to copy, distribute and / or modify this docu-
ment under the terms of the Apache 2.0 License.
CHEF
Knife is distributed with Chef. http://wiki.opscode.com/display/chef/Home
Chef 10.12.0 June 2012 KNIFE-SSH(1)