sudo + ssh..
Mridul Pentapalli
MridulP at virtusa.com
Tue Apr 8 04:17:18 EDT 2003
Thanks a lot!!! ssh-agent with ssh-add did the trick!!!
For others who are interested:
1. run ssh-agent.
2. Ensure that the correct environment variables are set
3. run ssh-add.
4. Run the original sudo command. sudo ssh*****
Regards,
Mridul.
Date: Mon, 07 Apr 2003 07:59:35 -0700
From: Jim Hopp <jim at netyourwork.com>
Subject: Re: sudo + ssh..
To: sudo-users at sudo.ws
Message-ID: <3E919257.8070402 at netyourwork.com>
Content-Type: text/plain; charset=us-ascii; format=flowed
This is exactly what ssh-agent is designed for. In this case to set it
up you'd generate a public/private key pair for the user, put the public
key on machine 1.2.3.4, start ssh-agent on the local machine and load
the user's private key. From then on, ssh on the local machine will use
the ssh-agent to provide authentication when ssh connects to 1.2.3.4.
We use this mechanism extensively to run batch jobs across machines, and
it works great. And you don't have to do anything insecure like using
empty passphrases.
-Jim
Mridul Pentapalli wrote:
> Hi,
>
> I sent a mail to comp.security.ssh but no reply. I'm hoping that you guys
> have a pointer towards the solution... so here goes...
>
> My program is run by another program using sudo. I need to use netstat on
a
> remote machine. The command ends up looking like this
>
> sudo ssh -l blah 1.2.3.4 sudo netstat -p
>
> This asks me for the password of blah at 1.2.3.4.
>
> I have configured the remote machine in such a way that I can connect to
it
> with an empty passphrase.
>
> ssh -l blah 1.2.3.4 sudo netstat -p
>
> works without asking me for any password.
>
> Is there a way I can get the ssh to use the passphrase. Since this system
> call is being invoked from within a program, I do not want to pass the
> password every time.
>
> Regards,
> Mridul.
>
> "Code softly and carry a big debugger."
>
>
> ____________________________________________________________
> sudo-users mailing list <sudo-users at sudo.ws>
> For list information, options, or to unsubscribe, visit:
> http://www.sudo.ws/mailman/listinfo/sudo-users
------------------------------
____________________________________________________________
sudo-users mailing list <sudo-users at sudo.ws>
For list information, options, or to unsubscribe, visit:
http://www.sudo.ws/mailman/listinfo/sudo-users
End of sudo-users Digest, Vol 4, Issue 7
****************************************
More information about the sudo-users
mailing list