Login or Register to Ask a Question and Join Our Community


UNIX for Advanced & Expert Users

Need to pass credentials in one Go

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Top Forums UNIX for Advanced & Expert Users Need to pass credentials in one Go
# 8  
Old 07-23-2013
CPU & Memory
Quote:
Originally Posted by Corona688
To repeat:

This is a security measure, because stored plaintext passwords are an extremely bad idea.

They insist on talking to a human, and the way to do that is to insist on talking to a terminal. Not pipes, not files, just terminals.

You can fake a terminal with the expect language if you absolutely must, but this is a last resort.

Setting nopasswd in sudoers is a better idea. Even better if you can restrict it to one exact thing.

sudoers is sudo's config file, which you edit with the visudo command.
How is it then, the tools like winscp and others are able to feed in both username and password in one go ?

Also, I remember a project in which we used Autosys Server and Client. We have uploaded several scripts to the unix server and the autosys client would execute each script with different unix userids. So, I know it is possible. Not sure how !!

That's exactly what I am looking for !!
Last edited by mohtashims; 07-23-2013 at 05:57 AM..
# 9  
Old 07-23-2013
Quote:
Originally Posted by mohtashims
How is it then, the tools like winscp and others are able to feed in both username and password in one go ?
Windows utilities generally are not required to worry about UNIX security management for obvious reasons.

There are UNIX equivalents like sshpass but if you use them, beware -- it's possible that anyone on the system could see the password when you do so. They are not installed by default anyway, since they would be severe security holes. To repeat, these login systems are rigid about passwords for better reasons than ticking you off.

The proper way to do these things is still passwordless operation via sudo or ssh keys. Please at least consider them.

Quote:
Also, I remember a project in which we used Autosys Server and Client. We have uploaded several scripts to the unix server and the autosys client would execute each script with different unix userids. So, I know it is possible. Not sure how !!
Building your own daemon and utilities mean you get to decide how things work. Using already-existing daemons means you're restricted to how things already work.
Last edited by Corona688; 07-23-2013 at 12:48 PM..
# 10  
Old 07-24-2013
Hammer & Screwdriver
Quote:
Originally Posted by Corona688
The proper way to do these things is still passwordless operation via sudo or ssh keys. Please at least consider them.
I have set passwordless login between two ids on the same unix box.

I see this strange behavior.

For the first time even after exchanging keys it prompted for the password when i tried sudo.

After that i exit and tried to sudo several times and it never asked for the password.

Thinking all is fixed and good, I shutdown my system and tried to sudo after 2 hrs and I see it prompted for the password again.

Why is it prompting for the password upon sudo at random instances especially after a long break?
Last edited by mohtashims; 07-24-2013 at 06:18 AM..
# 11  
Old 07-24-2013
Quote:
Originally Posted by mohtashims
I see this strange behavior.

For the first time even after exchanging keys it prompted for the password when i tried sudo.
It remembers passwords for a few minutes after they're entered for convenience, in case you wanted to run a lot of commands in a short time.

It is plainly not working passwordlessly if it prompts you even once.

What exactly did you put in sudoers?
This User Gave Thanks to Corona688 For This Post:
mohtashims
# 12  
Old 07-24-2013
Quote:
Originally Posted by Corona688
It remembers passwords for a few minutes after they're entered for convenience, in case you wanted to run a lot of commands in a short time.

It is plainly not working passwordlessly if it prompts you even once.

What exactly did you put in sudoers?
Not the sudoers, but the key exchange.

I generated key pair using keygen command for user id user1 and copied the public key to the .ssh/authorized_keys file of user2 on the same box.

Code:
ssh-keygen -b 2048 -t rsa

Shouldn't this work ??

I shall open a new thread for this has gone off subject. Thank you !!
Last edited by mohtashims; 07-25-2013 at 02:23 AM..
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

Hide and retrieve database credentials

Hi Everyone, I am new to shell scripting and I have a requirement to fire a sql statement to Oracle database and create a out file in Unix server. This will be plugged in to Autosys as a batch job. I have the database credentials saved in a configuration file in the below format. ... (7 Replies)
Discussion started by: Pradeep_Raj
7 Replies

2. AIX

Passing user/pass credentials to automountd map file.

How could I pass credentials to the automountd daemon through it's map files? Tried credentials=/some/file.txt - Didn't work. Tried SHARE.domain.com/user/pass/SHARE_NAME in map file - Didn't work Tried user=USER,pass=PASS - Didn't work. I can see the mounts created but when I access them... (4 Replies)
Discussion started by: Devyn
4 Replies

3. Shell Programming and Scripting

Logging into device with other set of credentials

If I run the below code... it will login into the router and then changes to privilege mode and then stores the running configuration information to an array. In this program, I have included the username and password . In case the username and password is wrong.. it will re login for 2 times... (0 Replies)
Discussion started by: scriptscript
0 Replies

4. Shell Programming and Scripting

Wget/curl credentials validation

Experts, I login to a 3rd party and pull some valuable information with my credentials. I pass my credentials via --post-data in wget. Now my Account is locked. I want my wget to alert that the Account is locked. How can i achieve this. My idea is, get the Source page html from the... (2 Replies)
Discussion started by: sathyaonnuix
2 Replies

5. Shell Programming and Scripting

perl script to open an executable and pass the user credentials

Is it possible to open an executable file and pass user credentials through the perl script. If yes Please do share the CPAN module names and the way to access the executable file. For eg. I want to open the IBM LOTUS Sametime through my perl code and pass the user credentials like... (1 Reply)
Discussion started by: giridhar276
1 Replies

6. Web Development

How to pass user credentials between apps on the same server?

I have a wordpress site that authenticates against a local ldap database for users to login. On the same server and domain I have subsonic installed that also authenticates against the same ldap database. The ldap database is firewalled front the outside wall and the internal LAN. I would like... (3 Replies)
Discussion started by: barrydocks
3 Replies

7. Shell Programming and Scripting

FTP credentials from a config file

Hi, I am using the following syntax to connect to an FTP server and paste the file. Based on the value in the variable $Folder, i want to connect to different folders on the same server. The credential is different to access different folders. How to get the user name and password from a... (3 Replies)
Discussion started by: ashok.k
3 Replies

8. Shell Programming and Scripting

Hide DB Credentials in unix

Hi, I my unix we have one file that contains all the database credentials. we are calling that file while connecting databse. I need to hide that file....other user should not view that file. How to do this. Please suggest me apart from permisstion(chmod) level suggestion. Regards,... (3 Replies)
Discussion started by: rsivasan
3 Replies

9. AIX

Telnet Credentials

Dears i am going to write a shell script to do some administration jobs and automate them , but i need to access remote servers through telnet so my question is how to pass the required credentials to telnet through shell script or can i use a file and redirect the standard input to be from that... (3 Replies)
Discussion started by: TheEngineer
3 Replies

10. UNIX for Dummies Questions & Answers

Ldap : Invalid credentials

Hi All, :) I have configure openldap but when I test this its show me a massage that "Invalid Creedientials". I search for the slove at Google, Yahoo but I did not find any solution. Plz help me. :cool: (3 Replies)
Discussion started by: Sudipta Biswas
3 Replies
Login or Register to Ask a Question